On 8/30/06, Simetrical Simetrical+wikitech@gmail.com wrote:
On 8/30/06, Gregory Maxwell gmaxwell@gmail.com wrote:
H(secret + ip) can only be inverted by exhaustive search of both the secret and the IP (or the secret if you happen to have some known H(), IP pairs)... and the secret can be much longer than 32 bits.
Except that presumably anyone with access to the actual encoded IPs will have access to the secret as well, yes? Or are we talking about letting *anyone* see the encoded IP-pageview correlations? In which case, that is kind of a privacy violation, in the AOL style.
It can be easily configured so that anyone with access to the secret has privileged access to the server and, already, anyone with privileged access to the server could be logging IPs.