Simon Tatham on Nostr: I wish someone had made a law 40 years ago that every secure hash function should be ...
I wish someone had made a law 40 years ago that every secure hash function should be normalised so that a zero-length input string maps to the all-zero hash value.
This is easy to implement, and doesn't affect security: just specify your hash function in the natural way, compute the hash of "", and then append a line to the spec saying "finally, xor with that".
But it means when someone reports "your file has the wrong sha256sum", it's easy to notice that that's because their file is empty!
This is easy to implement, and doesn't affect security: just specify your hash function in the natural way, compute the hash of "", and then append a line to the spec saying "finally, xor with that".
But it means when someone reports "your file has the wrong sha256sum", it's easy to notice that that's because their file is empty!