by geofft
3840 days ago
Your keyed hash has the following vulnerability: if I want to create a message with a given hash, I can simply take an arbitrary message, compute target_hash ^ mix(current_hash, key), and append that block. More fundamentally it's keyed, and finding a way to make this work for an unkeyed hash is somewhat more complicated. But yes, I'm pretty sure that a secure stream cipher and a secure deterministic CSPRNG are basically the same thing.
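Added example, not part of geofft's comment or of the construction it replies to: a sketch of why the final block fully determines the output when the update rule is h = mix(h, key) ^ block. The update rule, the 8-byte block size, the zero initial state, the lack of padding and the body of mix() are all assumptions made here, since the original construction is not shown on this page.

```python
import hashlib

BLOCK = 8  # bytes per block (assumed)


def mix(state: int, key: bytes) -> int:
    """Hypothetical mixing function; the weakness does not depend on its choice."""
    digest = hashlib.blake2b(
        state.to_bytes(BLOCK, "big"), key=key, digest_size=BLOCK
    ).digest()
    return int.from_bytes(digest, "big")


def toy_keyed_hash(msg: bytes, key: bytes) -> int:
    """Assumed update rule: h = mix(h, key) ^ block, with no padding or length field."""
    if len(msg) % BLOCK:
        raise ValueError("message must be a whole number of blocks")
    h = 0  # assumed initial state
    for i in range(0, len(msg), BLOCK):
        h = mix(h, key) ^ int.from_bytes(msg[i:i + BLOCK], "big")
    return h


def block_reaching(target: int, prefix: bytes, key: bytes) -> bytes:
    """The block from the comment: target_hash ^ mix(current_hash, key)."""
    current = toy_keyed_hash(prefix, key)
    return (target ^ mix(current, key)).to_bytes(BLOCK, "big")


def demo() -> bool:
    key = b"constructed-key"          # constructed sample key
    prefix = b"arbitrary-msg-16"      # constructed 16-byte message
    target = 0xDEADBEEF00C0FFEE       # constructed target hash value
    extended = prefix + block_reaching(target, prefix, key)
    # XOR with the last block cancels mix(current, key), leaving the target.
    return toy_keyed_hash(extended, key) == target


if __name__ == "__main__":
    print("extended message hashes to target:", demo())
```

Because the last block is XORed in after the final mix, the output says nothing about the blocks before it, which is the property a sound keyed hash has to provide.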