On Wed, Jul 16, 2003 at 10:05:57PM +0200, Michael Schierl wrote: > Hi, > > ----- > C:\Programme\Internet\Freenet0.5>java -cp freenet.jar \ > freenet.client.cli.Main genkeys > log level: normal - 8 > State PREPARED reached. > State REQUESTING reached. > Priv. key: buRi0dXrmjjUvTYIgse2YWjWfjU Pub. key: > vRU1l8G8zAEVnUupbHLQ3rUkTw8 Entropy: W6k8nbDP~T9StSHXQg5D9g > Insert at [EMAIL PROTECTED],W6k8nbDP~T9StSHXQg5D9g/ > Request at [EMAIL PROTECTED],W6k8nbDP~T9StSHXQg5D9g/ > State DONE reached. > > C:\Programme\Internet\Freenet0.5>java -cp freenet.jar \ > freenet.client.cli.Main genkeys > log level: normal - 8 > State PREPARED reached. > State REQUESTING reached. > Priv. key: IP5CDosyXk8uxJyL5JLn~~WCTaY Pub. key: > t0mRfI6pCPOI3J7KI6Wq0zQoaz8 Entropy: W6k8nbDP~T9StSHXQg5D9g > Insert at [EMAIL PROTECTED],W6k8nbDP~T9StSHXQg5D9g/ > Request at [EMAIL PROTECTED],W6k8nbDP~T9StSHXQg5D9g/ > State DONE reached. > ----- > > Whatever I do (reboot, restart fred, ...) I *always* get an entropy of > W6k8nbDP~T9StSHXQg5D9g. > > Is that intended (e.g. it is created from some node specific things), > which is bad (one could trace the inserter of a Freesite using the > Entopy field) or is it just a bug?
It's a bug. The entropy is being generated on the client side, instead of on the node side, and it is using an unseeded RNG or something. > > ----- > C:\Programme\Internet\Freenet0.5>java -cp freenet.jar freenet.Version > Freenet: Fred 0.5 (protocol 1.46) build 5009 (last good build: 565) > > C:\Programme\Internet\Freenet0.5>java -version > java version "1.4.2" > Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.2-b28) > Java HotSpot(TM) Client VM (build 1.4.2-b28, mixed mode) > ----- > > BTW: how can I generate entropy locally? > looking into the code (freenet.client.ClientSVK#makeCryptoKey()) reveals > some SHA1 digest over lotsa zeros and some random data or sth like that. > > And would it be good if FIW used entropy in next version or is it bad > due to "partitioning attacks"? > > mihi > > _______________________________________________ > devl mailing list > [EMAIL PROTECTED] > http://hawk.freenetproject.org:8080/cgi-bin/mailman/listinfo/devl -- Matthew J Toseland - [EMAIL PROTECTED] Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so.
pgp00000.pgp
Description: PGP signature
