pymerkletools icon indicating copy to clipboard operation
pymerkletools copied to clipboard

Published 20 hours ago verified publisher icon Tierion

Is this implementation safe against second preimage attacks?

Open void4 opened this issue 6 years ago • 5 comments

https://flawed.net.nz/2018/02/21/attacking-merkle-trees-with-a-second-preimage-attack/

https://en.wikipedia.org/wiki/Merkle_tree#Second_preimage_attack

void4 avatar Oct 27 '18 19:10 void4

https://github.com/Tierion/pymerkletools/issues/16

LucaPaterlini avatar Jan 17 '19 18:01 LucaPaterlini

Yes, but!

add_leaf() should per default apply a hash to the value, even if it is a list

so instead of add_leaf(value, do_hash) it should really be add_leaf(value, do_not_hash)

if you don't hash the leaf of a merkle tree you are not applying the correct merkle tree algorithm.

or even better add add_node(hash), make add_node([hash]) illegal, make a add_nodes([hash]), make add_leaf() always apply hash to the value, make add_leaves([value]) map the hash function over the list first.

andreaskern avatar Mar 07 '19 15:03 andreaskern

After Re Reading the attack it should be possible.

So it is not safe.

andreaskern avatar Mar 09 '19 14:03 andreaskern

Can you add a note about this in the README?

void4 avatar Mar 11 '19 18:03 void4

This is from 2018 and still not fixed. Any chance you'll fix this with a 0x00 prefix for leaves and a 0x01 prefix for branches ?

jdbertron avatar Nov 04 '23 07:11 jdbertron