comment by JakobVirgil

a thoughtful web.

commentspostsbadges

Good ideas and conversation. No ads, no tracking. Login or Take a Tour!

JakobVirgil · 4285 days ago · link · · parent · post: Tin-Can discussion on /r/Android

no centralized database. When you name yourself you your suffix is a hash.

markup tips · 0

user-inactivated · 4284 days ago · link ·

not sure i understood that. is the name's suffix a hash of the corresponding key? how will you handle hash collisions?

+discuss+discuss

–

JakobVirgil · 4284 days ago · link ·

Great question the outcome would be spoofing - writing messages and miss-attributing them (can you still do that on email?) The user name is folded in with message so that would be a bit harder do than in email were one just has to change some text. accidental collisions will of course be rare although the soccer pitch problem 4294967295 /4294967296 * 4294967294 /4294967296 ... (4294967296 - n - 1)/4294967296

should we tack on another char?

+discuss+discuss

–

user-inactivated · 4284 days ago · link ·

why not ten? don't make your decisions based on accidental collisions, if your app is useful at all there will be people searching for collisions maliciously

+discuss+discuss

–

JakobVirgil · 4284 days ago · link ·

Exactly accidental collisions even if the hash was random would be rare there would have to be more than 2 billion steves before the chance of collision became likely.

as it stands tin-can is more spoof resistant than email. The signature is not in plain text standard editors would not be effective in changing it. It is assigned at installation making forced selection quite a bit of a chore.

I need to thank you for this line of questions it is making me think that the encryption and the hash should perhaps not be made public.