It would not help at all because the insertor would need all the keys, and if it is compromized, it is the insertor that is compromized.
The solution is "revocable SSKs". Basically, you have a list of SSKs to check before allowing access to the site, and if any of them have been inserted, you flag up a big warning message saying the site has probably been compromized. Thus we could give a number of trusted people other than the insertor their own keys to insert if the insert key is compromized, and it would be checked before the user views the site. Although freenet loses data, these keys would spread pretty quickly given the frequency of them being requested. I would want to test that assertion though. The user interface would look something like the splitfile downloader, but of course it would be cached and prefetched for the front page links if any of them are revocable. On Tue, Sep 23, 2003 at 12:41:11PM +0200, Some Guy wrote: > --- Tracy R Reed <[EMAIL PROTECTED]> wrote: > > And if the key is compromised and a trojan build put > > in place? > > > > Those trust issues. > > > > They need revokable keys so that then the compromise > > is detected they can > > prevent people from downloading the bad build. The > > implications of a > > privacy compromise due to a trojan'd freenet build > > are pretty serious. > > Well, I'm not sure what you mean by revokable keys. > > Here's an interesting idea. I'm not 100% sure it > works, maybe someone else knows a bit more about how > modular aritimatic works, and can double check me. > > I believe it is possible to setup multiple private > keys that have to be used in conjunction to sign a > certificate which looks just like an RSA certificate. > > If I'm right we could have freesites with multiple > party certification. So then all keys have to be > compromised before it can be hacked and you can sleep > better at night. The sweet thing is you wouldn't have > to change much about freenet, only the inserter would > need to change some. The site would be under a normal > SSK. > > Math: > p,q are large primes > N = p*q > e1,e2, ...en are picked st. they are relatively prime > to (p-1)(q-1) > d1,d2,....dn are calculated as inverses of the e's > E=e1*e2*...en mod N > public key is <E,N> > private keys are <d1,N>,<d2,N>, ..<dn,N> > > Use like regular RSA. > Am I right? > > __________________________________________________________________ > > Gesendet von Yahoo! Mail - http://mail.yahoo.de > Logos und Klingelt?ne f?rs Handy bei http://sms.yahoo.de > _______________________________________________ > Devl mailing list > [EMAIL PROTECTED] > http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl -- Matthew J Toseland - [EMAIL PROTECTED] Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so.
signature.asc
Description: Digital signature
_______________________________________________ Devl mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl
