On Thursday 30 October 2003 02:10 pm, Alejandro R. Mosteo Chagoyen wrote: > Dicho por Toad: > > On Fri, Oct 31, 2003 at 02:50:25AM +1300, David McNab wrote:
> > Please give us the CHK. We do not trust KSKs. > > Is there some doc where one can get a quick grasp of how work/what are > the different properties of each key type? That sort of thing has been hard to locate since the last time the website got destroyed, but here's the quick summary for anyone who might have been wondering. In case my memory has gone fuzzy, PLEASE feel free to correct me. :) First, it is important to know that any key really consists of two parts -- a "routing key" which is used to locate and retrieve the data from the network, and a "decryption key" which is used to decrypt the data once we get it. The routing key goes out over the network; the decryption key stays at the requesting node. With a CHK, both of these keys are generated from the actual data (and metadata), in a way that the one can't be determined from the other, of course. Because of this, if someone gives us a CHK, we can verify that what we retrieved is the exact data that the other person meant for us (within odds of a couple billion billion billion, at least). With an SSK, mumble. I'll get back to you if I remember the specifics, or can look them up. But the way it works is that only someone with the appropriate private key can insert an SSK that will verify. With a KSK, both keys are generate from the key name (e.g. latency-test.tar.gz) itself. As such, it is possible to mount an attack that will replace the contents of a KSK with something entirely different, if you know the name. If you don't, it still involves breaking a hash. But there's no guarantee of the validity of the data (as with a CHK) or of the inserter's private key (as with an SSK). Really, a CHK is the safest way to make sure you're getting what you want, assuming you trust whomever you got the key from (not freenet's issue). SSK is a compromise -- it's a whole lot more convenient, but you place your trust in a private key that could be compromised. But KSK is not very useful at all for anything very serious. Hope this helped some --hobbs
pgp00000.pgp
Description: signature
_______________________________________________ Devl mailing list [EMAIL PROTECTED] http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/devl
