On Thu, May 03, 2001 at 11:03:55PM -0500, Scott G. Miller wrote: > On Thu, May 03, 2001 at 10:41:30PM -0400, Tavin Cole wrote: > > Currently the full structure of an unencrypted Freenet document > > looks like this: > > > > 2 bytes: crypto key length > > X bytes: crypto key, where X == crypto key length > > remainder: actual file data > > > > This allows the requesting client to check that it in fact has the > > correct decryption key, although the java clients don't actually > > do this. > > > It should. The whole point here wsa to have a mechanism in place to force > encryption of files.
Yea, the code's commented out - ?? > > The key specs are changing in 0.4, mainly in order to make the > > storables untamperable. While we are doing this, I believe we > > should also take the opportunity to move Metadata-length out of > > the storables. One way to do this would be to encode it into > > the document structure (#1): > > > > 2 bytes: crypto key length > > X bytes: crypto key > > 8 bytes: metadata length > > remainder: actual file data > > > > However, at least as far as the java implementation goes, this is > > rather difficult to deal with in practice. Actually even having > > the crypto key at the beginning of the document makes things > > unnecessarily difficult. > Why? Well, part of it is that having to strip off those few bytes tends to require a whole extra filtering stream wrapped in, in the client code I am working on (as I have to set up a passive layering of output streams instead of an active layering of input streams). Also, I need to know the metadata length in order to set up these streams, but I need them set up to read the metadata length :) Then consider FCP where you want to return the MetadataLength in the DataFound response, but you don't know it until the first DataChunk. Of course I can deal with all this, but it will complicate our reference code in odd ways, and I expect would be difficult to handle in any language. > And why expose any more information to the node than it needs? I agree. I was expecting that it would be sufficient to encrypt the items in the storables. There's little difference between that and having it at the beginning of the trailing field. Is there a subtle cryptographic vulnerability, even if you go as far as lumping it under Storable.Client-data? -- # tavin cole # # "The process of scientific discovery is, in effect, # a continual flight from wonder." # - Albert Einstein _______________________________________________ Devl mailing list Devl at freenetproject.org http://lists.freenetproject.org/mailman/listinfo/devl
