On Fri, May 04, 2001 at 12:35:59AM -0500, Scott G. Miller wrote:
> > > And why expose any more information to the node than it needs?
> >
> > I agree. I was expecting that it would be sufficient to encrypt the
> > items in the storables. There's little difference between that and
> > having it at the beginning of the trailing field. Is there a subtle
> > cryptographic vulnerability, even if you go as far as lumping it
> > under Storable.Client-data?
> >
> I don't think so, except for perhaps making a known-plaintext attack
> easier, but not really, since that length would have gone in the document
> itself.
So, it sounds like the way to go is to have a Storable.Client-data which
would be presumably a Base64 string-encoding of an encrypted byte array.
Should it decrypt to a (alphabetized) FieldSet or to a binary structure?
#1: decrypts to --
Metadata-length=<hex>
Symmetric-key=<hex>
End
#2: decrypts to --
<2 bytes crypto key length><crypto key><8 bytes metadata length>
Either way we can pad it to a decent length by repeating some hash
function of the data.
--
# tavin cole
#
# "The process of scientific discovery is, in effect,
# a continual flight from wonder."
# - Albert Einstein
_______________________________________________
Devl mailing list
Devl at freenetproject.org
http://lists.freenetproject.org/mailman/listinfo/devl
