> From: Kerry Bonin <[EMAIL PROTECTED]>
> Date: Thu, 27 Oct 2005 06:52:57 -0700
> To: [EMAIL PROTECTED], "Peer-to-peer development." <[EMAIL PROTECTED]>
> Subject: Re: [p2p-hackers] P2P Authentication
> User-Agent: Mozilla Thunderbird 1.0.6 (Windows/20050716)
> Reply-To: "Peer-to-peer development." <[EMAIL PROTECTED]>
> There are only two good ways to provide man-in-the-middle resistant
> authentication with key repudiation in a distributed system - using a
> completely trusted out of band channel to manage everything, or use a
> PKI.  I've used PKI for >100k node systems, it works great if you keep
> it simple and integrate your CRL mechanism - in a distributed system the
> pieces are all already there!  I think some people are put off by the
> size and complexity of the libraries involved, which doesn't have to be
> the case - I've got a complete RSA/DSA X.509 compliant cert based PKI
> (leveraging LibTomCrypt for crypto primitives) in about 2k lines of C++,
> <30k object code, works great (I'll open that source as LGPL when I
> deploy next year...)  The only hard part about integrating into a p2p
> network is securing the CA's, and that's more of a network security
> problem than a p2p problem...

It's great to see this guy showing up yet another of the false dogmas
of the crypto hacker community: "PKI can't work". According to this
view, only old fogies and tight ass bureaucrats believe in certifying
keys. All the cool kids know that the best key is a bare key. After
all, MITM attacks never really happen, this was just an invented
threat designed to force poor college kids into paying hundreds of
dollars a year for a verisign certificate.

But when we come into the P2P world things look very different. Where
MITM would require special positioning in the old net, in a
distributed P2P network, everyone's a MITM! Every key has passed
through dozens of hands before you get to see it. What are the odds
that nobody's fucked with it in all that time? You're going to put
that thing in your mouth? I don't think so.

Using certificates in a P2P network is like using a condom. It's just
common sense. Practice safe cex!


Reply via email to