Minor typos

[vladimir-mencl-eresearch]

Hi,

I've just read through the whole book - thanks, it was an enlightening read, filling in various gaps / unknowns.

I've discovered and wrote down a few minor typos - here they are to help improve the book:

• [x] 7.3 Padding: The text talking about 8-byte blocks uses as example : p0p1p2p3p4p5.030303 - which is however 9 bytes long.
• [x] 7.11 RC4: footnote: extra backslash in front of pipe character - possibly double-escaped pipe, resulting into: \|
• [ ] 8.4 ECDH: In this text: `"This is because the fastest algorithms for breaking the discrete log problem have a larger asymptotic complexity than their elliptic curve variants." I believe it should be the other way round (elliptic curves having larger asymptotic complexity).
• [x] 9.2 Why not PKI for everything: mixing 2048 bits and 2048 bytes in performance comparisons
• [ ] 10.8 Acronym MAC (Message Authentication Code) not defined in text by its first use. (Defined in Chapter 11)
• [x] ~10.8: "Meet in the middle": is that a typo from "man in the middle" or is that a new term? If a new term, not defined anywhere else.~ (invalid: see comments)
• [x] 10.9: In the text: The root node, not having an ancestor, simply hashes its own contents., did you mean "leaf node" instead of "root node" ?
• [x] 10.9: Punctuation missing mid-sentence: "This definition is very wide >>;<< practical hash trees are often more restricted."

But these are all just minor typos - thanks again for the read!

Cheers, Vlad

[lvh]

Thanks, Vladimir! I'm starting to address these.

[lvh]

The RC4 pipe bug was fixed in a different PR, so I'm checking it off.

[EdOverflow]

Hi @vladimir-mencl-eresearch,

Man-in-the-middle and meet-in-the-middle attacks are two diffrent things.

Here is a good explanation: http://crypto.stackexchange.com/a/31900

Man-in-the-middle:

Man-in-the-middle is an active attack to a cryptographic protocol, where the attacker is, effectively, in between the communications of two users, and is capable of intercepting, relying, and (possibly) altering messages. In this case, the meaning of "in the middle" is direct: the attacker is in the middle of two communicating users.

Meet-in-the-middle:

Meet-in-the-middle is a type of cryptanalytic attack that uses some sort of time-space trade-off to drastically reduce the effort to perform a brute-force attack (e.g., transforming an attack that requires 21282128 time into one that takes 264264 time and 264264 space). In this case, the name of the attack comes from the expression "let's meet in the middle", which means "to make a compromise". It may also refer to a type of attack over certain block ciphers, where the attacker decompose the problem in two halves and proceeds on each part separately.

I hope this helps and I fully agree that meet-in-the-middle needs to be explained somewhere in the book.

Best regards, Ed

[lvh]

@EdOverflow: you're absolutely right. Fortunately a ticket has already been filed for that: https://github.com/crypto101/book/issues/295

[vladimir-mencl-eresearch]

@EdOverflow : Thanks, that explains it well!

[lvh]

Re: root node and leaf node: typically it's the root node that has no ancestor; but nomenclature depends on the exact kind of tree.