mirror of https://github.com/BLAKE3-team/BLAKE3 synced 2024-05-18 16:26:07 +02:00

correct the security notes for the C API

This commit is contained in:
Jack O'Connor 2022-03-03 12:06:14 -05:00
parent d295410aad
commit 3e67a8f45b


@ -197,8 +197,7 @@ bits of collision resistance, for any N up to 256. Longer outputs don't provide
security. security.
Avoid relying on the secrecy of the output offset, that is, the number of output bytes read or Avoid relying on the secrecy of the output offset, that is, the number of output bytes read or
the arguments to [`seek`](struct.OutputReader.html#method.seek) or the `seek` argument of `blake3_hasher_finalize_seek`. [_Block-Cipher-Based Tree
[`set_position`](struct.OutputReader.html#method.set_position). [_Block-Cipher-Based Tree
Hashing_ by Aldo Gunsing](https://eprint.iacr.org/2022/283) shows that an attacker who knows Hashing_ by Aldo Gunsing](https://eprint.iacr.org/2022/283) shows that an attacker who knows
both the message and the key can easily determine the offset of an extended output. For both the message and the key can easily determine the offset of an extended output. For
comparison, AES-CTR has a similar property: if you know the key, you can decrypt a block from comparison, AES-CTR has a similar property: if you know the key, you can decrypt a block from
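Review bot: The removed text linked to `struct.OutputReader.html#method.seek` and `struct.OutputReader.html#method.set_position`, which are Rust-side documentation anchors with no counterpart in the C API, so pointing at the `seek` argument of `blake3_hasher_finalize_seek` instead is the right correction for this file. One wording nit on the new line: "the number of output bytes read or the `seek` argument of `blake3_hasher_finalize_seek`" reads as two different things, while both describe the same output offset; consider "the number of output bytes already read, or equivalently the `seek` argument of `blake3_hasher_finalize_seek`" so readers of the C docs see that the security property (the offset is not secret, per the Gunsing result cited just below) applies identically to incremental reads and to seeking.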