On Sun, Oct 04, 2015 at 01:58:15AM -0400, Steve Dougherty wrote: > In the light of the elliptic curve attacks [0] are you interested in > helping rekey the seed nodes? Does it require new code? > > - Steve > > [0] https://freenetproject.org/news.html#20150917-ecdsa-vulnerability
I don't think this affects us much actually. It only exposes the ephemeral ECDH keys, not the node private key. We don't need to change the ECDSA node private keys because of a bug affecting ECDH, which uses different keys. I guess if Mallory can crack the ECDH keys fast enough he might be able to do an MITM against the connections between his peers and their peers. Or maybe just passively decrypt the connections? JFK is designed to provide some protection against DH bugs? On darknet, Mallory can't get any further than his peers' peers. On opennet, he can add more connections, but there are easier attacks for that e.g. malicious seednodes. Florent?
signature.asc
Description: Digital signature
_______________________________________________ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
