Delivery-Date: Mon, 12 Jan 2015 06:33:40 -0500
Return-Path: <tor-talk-bounces@lists.torproject.org>
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on moria.seul.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.8 required=5.0 tests=BAYES_00,FREEMAIL_FROM,
	RCVD_IN_DNSWL_MED,RP_MATCHES_RCVD,URIBL_BLOCKED autolearn=ham version=3.3.1
X-Original-To: archiver@seul.org
Delivered-To: archiver@seul.org
Received: from eugeni.torproject.org (eugeni.torproject.org [38.229.72.13])
	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))
	(No client certificate requested)
	by khazad-dum.seul.org (Postfix) with ESMTPS id 300471E0500
	for <archiver@seul.org>; Mon, 12 Jan 2015 06:33:39 -0500 (EST)
Received: from eugeni.torproject.org (localhost [127.0.0.1])
	by eugeni.torproject.org (Postfix) with ESMTP id DD07532411;
	Mon, 12 Jan 2015 11:33:33 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by eugeni.torproject.org (Postfix) with ESMTP id C0E8A323FE
 for <tor-talk@lists.torproject.org>; Mon, 12 Jan 2015 11:33:30 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at 
Received: from eugeni.torproject.org ([127.0.0.1])
 by localhost (eugeni.torproject.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id eWpLLkAmuoJx for <tor-talk@lists.torproject.org>;
 Mon, 12 Jan 2015 11:33:30 +0000 (UTC)
Received: from outbound003.roc2.bluetie.com (outbound003.roc2.bluetie.com
 [208.89.132.143])
 (using TLSv1 with cipher DHE-RSA-AES128-SHA (128/128 bits))
 (Client CN "Bizanga Labs SMTP Client Certificate",
 Issuer "Bizanga Labs CA" (not verified))
 by eugeni.torproject.org (Postfix) with ESMTPS id A0153323F2
 for <tor-talk@lists.torproject.org>; Mon, 12 Jan 2015 11:33:30 +0000 (UTC)
Received: from web005.roc2.bluetie.com ([10.200.2.99])
 by outbound003.roc2.bluetie.com with outbound003
 id ezZT1p00528AQ4S01zZTqW; Mon, 12 Jan 2015 06:33:27 -0500
X-CMAE-OUT-Analysis: v=2.1 cv=WYw1NSRX c=1 sm=1 tr=0
 a=vL3HbRNXJhJQQ3qw5A4SiA==:117 a=QoHJ8kPOAAAA:8 a=IkcTkHD0fZMA:10
 a=deDS6JXDAAAA:8 a=5LDbTMvdAeYA:10 a=YNv0rlydsVwA:10 a=NEAV23lmAAAA:8
 a=AwIQbDszAAAA:8 a=G5XJjj8Kie3-bKkJLsAA:9 a=QEXdDO2ut3YA:10
X-CMAE-OUT-Score: 0.00
Received: from web005.roc2.bluetie.com (localhost.localdomain [127.0.0.1])
 by web005.roc2.bluetie.com (Postfix) with ESMTP id 8B91BE9011E
 for <tor-talk@lists.torproject.org>; Mon, 12 Jan 2015 06:33:27 -0500 (EST)
Message-ID: <20150112063327.19238@web005.roc2.bluetie.com>
X-HTTP-Received: from Authenticated sender: freedomfighter3.myway
 [46.59.216.81] by web005.roc2.bluetie.com (BlueTie WebMail);
 Mon, 12 Jan 2015 06:33:27 -0500
X-Mailer: BlueTie MTA
Date: Mon, 12 Jan 2015 06:33:27 -0500
Cc: 
To: tor-talk@lists.torproject.org
From: "Full Name" <freedomfighter3@myway.com>
Importance: normal
Subject: Re: [tor-talk] New Software: P2P filesharing designed to use Tor
X-BeenThere: tor-talk@lists.torproject.org
X-Mailman-Version: 2.1.15
Precedence: list
Reply-To: tor-talk@lists.torproject.org
List-Id: "all discussion about theory, design,
 and development of Onion Routing" <tor-talk.lists.torproject.org>
List-Unsubscribe: <https://lists.torproject.org/cgi-bin/mailman/options/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=unsubscribe>
List-Archive: <http://lists.torproject.org/pipermail/tor-talk/>
List-Post: <mailto:tor-talk@lists.torproject.org>
List-Help: <mailto:tor-talk-request@lists.torproject.org?subject=help>
List-Subscribe: <https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk>, 
 <mailto:tor-talk-request@lists.torproject.org?subject=subscribe>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: tor-talk-bounces@lists.torproject.org
Sender: "tor-talk" <tor-talk-bounces@lists.torproject.org>

Hi there,
thanks for your suggestion. I considered the proposal to have separate hashes 
computed for the files. 
I would not track separate hashes for the reason of possible programming errors, 
but for user purposis, e.g. if a users wants to check if a file contains a virus, using 
a webservice which takes file hashes.

I would consider such a feature but currently the software is not used by people, 
so no urge need to have this feature :)

https://github.com/FreedomFighter1/SecureLoad





-----Original Message-----
From: "SecTech" [tech@firemail.de]
Date: 01/08/2015 11:55 AM
To: tor-talk@lists.torproject.org
Subject: Re: [tor-talk] New Software: P2P filesharing designed to use Tor

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi,

I don't meant to change the hash funktion from SHA-1 to SHA-256, I
meant to hash the 100 KB blocks and the higher level hashes with SHA-1
and to provide a SHA-256 hash that is generated from the file itself
too.
Because two hashes are more secure than one, even if one of them is
broken, because if someone can find a collision in one hash he can't
find a collision in the second at the same time.

The two hash method is only mode secure than a single hash, if someone
can't reverse calculate an information out of the hash. But SHA-1 is so
far I know only vulnarable to collisions at some specific conditions.

Maybe it will be mode secure to use RIPE-MD 160 for hashing the tree
hashes and provide a SHA-256 hash for the whole file too.


- -- 
SecTech <tech@firemail.de>
GPG-ID: 0x364CFE05

-----BEGIN PGP SIGNATURE-----

iQIcBAEBCgAGBQJUrrZXAAoJENR4jiM2TP4FMbQP/jg8gBN+5xiSrx7rVOn/EvEl
OLzEUsrOwNWZ2nbDz2GRMWTRmieBxRxnpp8IYkWjVry7h2hEkfAGTWTF1zlj5KPJ
wNHxBb6Mlw9vlW79nnEdtgkANHgnlrxG/Gg0OYfV8YYquf5OMHvkXVwhv02U4sSr
NxpIFTCg98gXX5297Prn5Ro/n1IECmJuCnh2+qNMB0GdZSwPB3L210/nltkhGcBI
QV1jHc/AevLD4/QgdtV3iYmAHrIrmJ1wdXrlTMQXmmjQcuKL5keFBFXyWjwLBJeW
RO/SK+ph6WCIQrl9CZds3VNvDdR42gb8H8JftGUJv5hyEgiWTfnyD5tCFKi2XBg2
WzzZ+1kebeO0BDTZupgKQqwPc4aG/YrThk3EIX+YJ0vDqIyweTU01SLvapZ/TVS2
zqfroqZTJ43i1j/s275fUyQohUuPlAsViVLt3sOY/REfHwxxYfiiLrp8IEuZWRlT
w6jFxEwvao8o2UJXJ/fFsnJZG47JoXXTcNA8jvNxEqdzzCVrDFm3yWj+ftO+KxsI
nMrdAkvYEG3K7prw+5RY9RvSeRh7WSaaOfcTBFtk5S4d/dWwknTSgN4uFksgvbdy
dMrWNcBXPinLC6YNjKZZ6dTYll13jtC+RwuSmkjDjeOV6PWyiunyr6n6zP5tVZ4j
bGH914P8fcG3+mVuvLK6
=y6wA
-----END PGP SIGNATURE-----
-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk


-- 
tor-talk mailing list - tor-talk@lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk

