There is a trivial malicious signer attack against a signature scheme using a hash function without collision resistance. Compute colliding messages A and B, sign A, present B in case of a dispute.
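The malicious-signer attack described in the tweet above, as an added demonstration that is not part of this thread: a constructed toy hash with a built-in collision class stands in for a real function with known, structured collisions, an HMAC stands in for the public-key signature primitive (the only property used is that the primitive sees the digest, not the message), and two runs show that the signer's own colliding pair verifies under the weak hash but not under full SHA-256, while an outsider who alters an honestly signed message fails under both. The message format, names and amounts are assumptions.

```python
import hashlib
import hmac
import secrets

# Constructed toy hash (not a real function). Ordinary messages get full
# SHA-256. Messages whose first byte is COLLISION_MARKER are hashed over their
# first 17 bytes only (marker + 16 bytes), so any two marker messages that
# share those 16 bytes collide, whatever follows. This mimics a function with
# known, structured collisions: the party who builds both messages can make
# them collide, but a second preimage for an ordinary message (one that does
# not start with the marker) would still require a SHA-256 collision, because
# the truncated input starts with the marker and the ordinary message does not.
COLLISION_MARKER = b"\xff"


def weak_digest(message: bytes) -> bytes:
    if message.startswith(COLLISION_MARKER):
        return hashlib.sha256(message[:17]).digest()
    return hashlib.sha256(message).digest()


def strong_digest(message: bytes) -> bytes:
    """Collision-resistant reference: plain SHA-256 over the whole message."""
    return hashlib.sha256(message).digest()


# Stand-in for the signature primitive. A real scheme uses a key pair; the
# property that matters here is the same: the primitive is applied to
# digest(message), never to the message itself.
def sign(key: bytes, message: bytes, digest) -> bytes:
    return hmac.new(key, digest(message), "sha256").digest()


def verify(key: bytes, message: bytes, signature: bytes, digest) -> bool:
    expected = hmac.new(key, digest(message), "sha256").digest()
    return hmac.compare_digest(expected, signature)


def malicious_signer_dispute(digest):
    """The signer builds colliding messages A and B, signs A, and later
    presents B as the signed message. Returns (A verifies, B verifies)."""
    key = secrets.token_bytes(32)
    shared = COLLISION_MARKER + b"pay|to=bob|from="  # marker + 16 shared bytes
    msg_a = shared + b"alice|amount=1"                 # what was really agreed to
    msg_b = shared + b"alice|amount=100"               # what the signer claims later
    signature = sign(key, msg_a, digest)
    return verify(key, msg_a, signature, digest), verify(key, msg_b, signature, digest)


def outsider_tampers(digest):
    """An honest signer signs an ordinary message; a third party changes the
    amount. Returns whether the altered message still verifies."""
    key = secrets.token_bytes(32)
    honest = b"pay|to=bob|from=alice|amount=1"
    signature = sign(key, honest, digest)
    altered = b"pay|to=bob|from=alice|amount=100"
    return verify(key, altered, signature, digest)


if __name__ == "__main__":
    print("weak hash, signer's colliding pair:", malicious_signer_dispute(weak_digest))    # (True, True)
    print("SHA-256, same pair:                ", malicious_signer_dispute(strong_digest))  # (True, False)
    print("weak hash, outsider tampers:       ", outsider_tampers(weak_digest))            # False
```

The two runs separate the properties the thread is arguing about: the dispute works because the signer chose both messages at signing time, which needs only collisions, whereas the outsider's edit of an honestly chosen message is a second-preimage attempt and still fails. An arbiter holding the signature cannot tell A from B under the weak hash, so the only fix on the verifier's side is to require a collision-resistant hash in the scheme.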
We are talking about #cryptocurrencies, let's stick to the context. Is it possible to steal coins if the hash function has been demonstrated to have collisions but second preimage resistance is not broken?
This depends on the actual application of the function, of course. The repo has test vectors for those as evidence. Anyway, if you are going to call this a "hash function" in the cryptographic sense, you should satisfy all requirements, or risk getting broken by collisions.
The application of the function is standard for the majority of the signature schemes - calculation of the digest of a signed message (transfer info). So, what would your answer be? I believe it's "No" and expect to get an honest direct answer.
Then the signature scheme gets broken, for any reasonable definition of a signature scheme.
Why have you ignored "We are talking about #cryptocurrencies, let's stick to the context"? Let me paraphrase: Is it possible to steal coins if the hash function has known collisions but second preimage resistance is not broken?
We are also talking about digital signatures, let's stick to the definitions. For reference, I have been fighting the Brazilian electoral authority for 6y because they insist the flaws we found in their cryptographic mechanisms are not exploitable in the "full electoral process".
Come-from-Beyond, quote-tweeting the earlier tweet, added:
I know your story and you look like a person with integrity who defends the truth. Answering https://twitter.com/c___f___b/status/966408478075117568 without diverging into abstract cases would help a community which fights against people who abuse the power of their reputation. Just answer that question, please.
BTW, sending an army of supporters to flood researchers criticizing IOTA by claiming conflicts of interest, academic fraud, legal threats, and the like, looks just like abusing power based on reputation inside your supporting community.
I'm not sending them, I assure you. Regarding conflict of interest and academic fraud: the former has independent proofs and the latter will be proven later.
$IOTA Foundation would be foolish to send an “army of supporters to flood researchers”. These are reactions from passionate people who are supporting and invested in a crypto project. Try this experiment: criticize #Bitcoin and see how many toxic messages you’ll receive.