W3C home > Mailing lists > Public > public-webappsec@w3.org > January 2014

Re: [integrity]: latency tradeoffs

From: Adam Langley <agl@google.com>
Date: Wed, 15 Jan 2014 13:34:20 -0500
Message-ID: <CAL9PXLyB=Eab7P-C1xX=HhC4UC47jovTw3+=+X7ETc-dg1_-+w@mail.gmail.com>
To: "Oda, Terri" <terri.oda@intel.com>
Cc: "public-webappsec@w3.org" <public-webappsec@w3.org>
On Wed, Jan 15, 2014 at 1:23 PM, Oda, Terri <terri.oda@intel.com> wrote:
> Anything that sounds like "take this existing cryptographic algorithm and
> alter it in this way..." is a bit of a red flag in security.   For those of
> us not particularly familiar with the Merkle tree and its applications,
> could you provide some links that show that cryptographers believe that this
> variation is a safe and reasonable way to provide stream verification of
> data?

Merkle trees are old (by cryptography standards: late 1970's) and it's
easy to show that they have the desired properties by assuming an
ideal hash function. The Wikipedia page isn't bad and lists some
current uses: http://en.wikipedia.org/wiki/Merkle_tree. There is also
the original use: http://en.wikipedia.org/wiki/Merkle_signature_scheme


Cheers

AGL
Received on Wednesday, 15 January 2014 18:35:07 UTC

This archive was generated by hypermail 2.3.1 : Monday, 23 October 2017 14:54:04 UTC