wholetrans/docs-matrix-spec
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

fix attacks paragraph

Browse source
This commit is contained in:
Andrew Morgan 2019-07-08 13:27:38 +01:00
parent dd8a6549c9
commit 1963a24832
1 changed files with 6 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

9
proposals/2134-identity-hash-lookup.md
View file

@ -64,9 +64,12 @@ hashed). First the client must prepend the medium to the address:
"denny@example.com" -> "email denny@example.com" "denny@example.com" -> "email denny@example.com"
``` ```
Hashes must be peppered in order to reduce both the information a client gains Hashes must be peppered in order to reduce both the information an identity
during the process, and attacks the identity server can perform (namely sending server gains during the process, and attacks the client can perform. Clients
a rainbow table of hashes back in the response to `/lookup`). will have to generate a full rainbow table specific to the set pepper to
obtain all registered MXIDs, while the server has to generate a full rainbow
table with the specific pepper to get the plaintext 3pids for non-matrix
users.
In order for clients to know the pepper and hashing algorithm they should use, In order for clients to know the pepper and hashing algorithm they should use,
Identity servers must make the information available on the `/hash_details` Identity servers must make the information available on the `/hash_details`