I see pros and cons to both ways of describing the hash and preimage. I'm always unsure with these pieces what level of technical detail to include or what level of knowledge to assume. Re: sharing secrets. The hash and preimage are effectively ways to authenticate the ILP packet and response and make sure it got to the right recipient. Originally, we thought that the sender and receiver would exchange the condition out of band for each packet, but that doesn't work well with the streaming payments or packetized value model. Exchanging a shared secret up front allows you to authenticate any number of subsequent packets. STREAM assumes you start with a shared symmetric key but it doesn't specify how you get that. In practice, most higher-level protocols will use public key cryptography to generate that shared secret, whether that means going through the internet and TLS (like SPSP does) or doing the key exchange through ILP. On Oct 18 2018, at 11:13 am, David Nicol <davidnicol@gmail.com> wrote: > > > > how about calling the preimage a "per-transaction password" and say "one-way hash function" to avoid confusion with signatures? > > > > > On Wed, Oct 10, 2018 at 2:13 PM Giovanni P <fiatjaf@alhur.es (mailto:fiatjaf@alhur.es)> wrote: > > > I think everybody knows what a hash is, but "preimage" is a little > > > more advanced/obscure. > > > > > > "established cryptographic principles" is much more mumbo-jumbo than > > > saying "hash". > > > > > > > > -- > "I don't know about that, as it is outside of my area of expertise." -- competent specialized practitioners, all the time > > > >
Received on Tuesday, 30 October 2018 16:29:43 UTC