* Michael Rogers <[EMAIL PROTECTED]> [2007-11-14 13:19:31]: > Florent Daignière wrote: > > We are not debating the strength of the key here... The only purpose of > > the outter layer encrytion is to avoid cheap pattern matching. > > Agreed, the goal is obfuscation rather than strong encryption. However, > that's orthogonal to the question of whether we need long refs to derive > a suitable key. As far as I can see, we don't. >
Go ahead and suggest something that works then :) > For example, K = hash (A's ref, B's ref, random nonce generated by A). > A's first message starts with the random nonce; the rest of the JFK > exchange is obfuscated using K. > > The length of the refs has no effect on security, but it has a big > effect on darknet usability. We can't do that because if we shorten refs we will have to exchange them "in band"... during the JFK negociation... and that precludes using part of the reference as the key for the outer layer encryption. Needless to say that using only the nonce as the key isn't an option. NextGen$
signature.asc
Description: Digital signature
_______________________________________________ Devl mailing list [email protected] http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
