The sort of thing you are talking about is what we have discussed as adding true node authenication. This is a very complicated problem, and can only be solved by a full scale PK solution. I agree with Hal that it would be better to get simple encryption of node to node communication in there for now, because that is something we can realistically achieve. The node does not limit who it talks to right now anyways, so there is nothing to authenticate.
The issues involved in trying to actually authenticate who you are talking too are very complicated, right down to exactly what you are trying to authenticate... On Fri, 28 Apr 2000, Brandon wrote: > > But you can't just start speaking encrypted gibberish right away. There > > has to at least be a key exchange first. =) > > Sure you can. PGP starts speaking gibberish right away. The key exchange > has to be encrypted anyway or else there's all that nasty man in the > middle attack stuff to deal with. > > There needs to be some way that you can specify that a node you're > connecting to is using a specific algorithm and that you already know the > key. In such situations you can just be spouting a bunch of seeming random > gibberish and it will be very hard for listeners to figure out what is > going on. > > but there should also be options for cipher negotiation. > > That part can be done with messages, handshakes probably. > > In a really nice setup you'd be able to include a tiny key with the > address to the node. The key would only have to be big enough to outlive > the key negotiation. You could encrypt with the initial key and use the > encrypted connection to negotiate ciphers and keys. > > Since you have to include the initial key with the address, you might as > well include the cipher as well. Cipher and key negotiation can still > occur, but you need an initial cipher and key to start with. > > If the node changes what cipher it uses or what key it uses, you'll have > to find a new reference for it. But the same is true if it switches IP > addresses and cipher changing will be less frequent in many cases. > > And of course you don't have to make the address you distribute an > encrypting one, you can make it a plain connection and then do cipher > negotiations via handshake in the open, but it's probably a bad idea in > terms of security. > > > > > _______________________________________________ > Freenet-dev mailing list > Freenet-dev at lists.sourceforge.net > http://lists.sourceforge.net/mailman/listinfo/freenet-dev -- Oskar Sandberg md98-osa at nada.kth.se #!/bin/perl -sp0777i<X+d*lMLa^*lN%0]dsXx++lMlN/dsM0<j]dsj $/=unpack('H*',$_);$_=`echo 16dio\U$k"SK$/SM$n\EsN0p[lN*1 lK[d2%Sa2/d0$^Ixp"|dc`;s/\W//g;$_=pack('H*',/((..)*)$/) _______________________________________________ Freenet-dev mailing list Freenet-dev at lists.sourceforge.net http://lists.sourceforge.net/mailman/listinfo/freenet-dev
