1 Sep
2025
1 Sep
'25
12:47 a.m.
brent saner via NANOG writes:
Alice creates keypair *KP2*, with public key *K2*. Alice then pads junk to *K2*'s *n* until she reaches collision in the wire-packed form with *C,* creating *Blob1*. Let's say Alice had to add 512 bytes to reach collision with *C*.
To "reach collision in the wire-packed form with C", for a value of C that Alice was given and didn't choose, with currently known techniques, Alice has to do 2¹²⁸ work, which she can't do. It's not good practice to give Alice this attack vector for no reason, and maybe a future technique could make it more feasible, but it's still not expected that she can exploit it at present.