> > The benchmark protocol for secure communications is SSL. Generally I > > try to follow its principles in terms of what attacks it guards against. > > SSL does not try to hide which symmetric cipher is used. And of course > > it can't hide what kind of asymmetric ciphering is done since that has > > to be the first step.
> I don't care if we bellow at the top of our lungs what cipher we use. The > idea isn't to try and implement security by obscurity. I agree, we don't want to rely on obscurity. But that is what you are doing if you are afraid of putting the initial DH request message in some kind of plainly readable form. Doing a binary DH exchange adds no more security than doing a textual one. At most it adds some obscurity. Any attacker who has more than idle curiosity about whether you are running a Freenet node can simply use his own node-compatible software (perhaps a slightly patched Freenet node) to query you himself. I don't see that using a binary exchange format adds any significant security for cases where you care enough about security that encryption is important. Likewise, hiding which cipher is used adds no significant security. In practice we'll probably have only one or two ciphers in use anyway. A security protocol should be as simple as it can be, while still satisfying the security requirements. This will give you the best chance of making it reliable and secure. I maintain that SSL is a good model to follow. They negotiate a cipher suite which encodes both the asymmetric and symmetric ciphers, and this is done in the clear. They then do the asymmetric exchange and finally switch to encrypted mode using the symmetric cipher. In my opinion this is the approach we should use. In later versions we should add authentication to the key exchange using persistent public keys, and we should add a message authentication hash code to each message so that we know that the messages themselves have not been tampered with. We can follow the SSL model for this as well. Hal _______________________________________________ Freenet-dev mailing list Freenet-dev at lists.sourceforge.net http://lists.sourceforge.net/mailman/listinfo/freenet-dev
