Re: [freenet-devl] ok, seriously folks, about fproxy and 0.4

[Ian Clarke]

On Tue, Jun 26, 2001 at 10:22:05PM -0400, Benjamin Coates wrote:
> As long as we have a secure way of negotiating the FCP port and don't rely on 
> an assumed default port.  (it'd be too easy for another local user to listen 
> on the default port and spoof a FCP password request)

Hmmm, good point.  This suggests that a slightly more robust
challenge-response approach would be preferable, at the risk of
increasing the difficulty of client authorship.  With the addition of a
secure hashing algorithm to the client (SHA1 anyone?) this can be
achieved.  The protocol is:

1) Client connects to FCP port on node
2) node sends random string to client
3) client appends random string to plaintext password and hashes result
4) node does same
5) client sends hash to node which compares its hash to the one created
   by the client, and if they are the same the client is authenticated

Perhaps there is an easier hashing algorithm (from an implementation
standpoint) that we could use in place of SHA1 which would also be
secure.

Ian.

PGP signature