On Friday 01 February 2008 17:00, Robert Hailey wrote: > > On Jan 31, 2008, at 11:03 AM, Robert Hailey wrote: > > >> How do you authenticate the routed pings, to prevent an attacker from > >> replying on behalf of another node? > > > > Excellent question. Surely the "true/false" response of present is > > woefully inadequate. Since we have a direct connection to the peer > > that we are pinging a challange-and-response mechanism is easy, no? > > > > Consider node "B" who is between "A" & "C" (A-B-C). He tells "C" a UID > > & Secret [a randomly generated long?], and "C" stores that secret/uid > > as part of our peernode record. Node "B" then sends node "A" a routed > > ping with the same UID, and if node "A" returns the pong with the > > correct secret it is a success. > > I was supposing that these pings would be sent at less-than-max htl > (since we are not searching the network but doing a connectivity > test), but wouldn't that possibly allow an attacker to learn who your > peers are? > > That is, if an attacker has a node connected to your node and your > peers node, he could put together the ping from yours, the reply from > your peer, plus the fact that the reply comes from a node of the same > location as the ping, and be reasonably sure he is your peer. Whereas > with the probabilistic decrement at the real maxHTL, they could not be > nearly so sure.
He can already know this, because of swapping.
pgpX3qDer7XDK.pgp
Description: PGP signature
_______________________________________________ Devl mailing list [email protected] http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
