> > As a side result, this shows that it now costs less than 100k USD to
> > break cryptography with a security level of 64 bits (i.e. to compute
> > 264 operations of symmetric cryptography).
Just to clarify:
As a stopgap measure, the collision-detection library of Stevens and Shumow [SS17]
can be used to detect attack attempts (it successfully detects our attack).
At the end of section 7.0,
Cheers
-Santiago
Attachment:
signature.asc
Description: PGP signature
