author | Tim Ruffing <crypto@timruffing.de> | 2019-12-12 22:49:21 +0100 |
---|---|---|
committer | Pieter Wuille <pieter.wuille@gmail.com> | 2020-01-19 14:47:33 -0800 |
commit | ad6bb6c1ff5a88b0f91f9363964cf39581d650ad | |
tree | 536277c76450fef1b6df8690f65f2a1768e30382 /bip-0124.mediawiki | |
parent | 966eadca3a8f5ea118ca98e45cf37f165b399f0a | |
Clarify why we don't want short hashes
This is supposed to supersede https://github.com/sipa/bips/pull/158.
I tried to say this carefully. I don't think that multiparty signing is in general broken with short hashes. For example, the attack in #158 could be avoided by letting everybody not only commit to the nonce but also to the message. It's just that using a collision-resistant hash just eliminates the problem entirely...
Diffstat (limited to 'bip-0124.mediawiki')
0 files changed, 0 insertions, 0 deletions