In 0.7, we have to create new DSA groups, because the message hash is 256 bits instead of 160. We have code to generate DSA groups (freenet/crypt/DSAGroupGenerator) of a configurable key and hash size (subject to the simplification that key size is a multiple of hash size).
We now have the security/performance tradeoff of what key size to actually use. Here goes (on my Athlon XP 2800+, a mid-range computer by Freenet standards): Keysize/bits Sign/ms Verify/ms Verifies/sec Signs/sec 1024 1.1848 3.4894 286 844 1536 1.9513 5.8842 169 512 2048 3.0466 9.531 104 328 Which is appropriate? Some issues: - It is possible to transmit a new-style SSK in just over 1kB. This is partly so that we can do streaming over SSKs more conveniently. - Many nodes will have 128kB+/sec of downlink, and some will have that sort of uplink. However, a node downloading much more than you upload is strongly discouraged as it blows your anonymity. - An attacker who sends a stream of garbage data can do a CPU DoS, however he will be quickly detected as it will not verify. This should result in closing the connection and telling the user of the attack. - However, because signatures are significantly faster than verifies, an attacker could generate a series of *valid* SSKs, and fire them at the node. If he could grab a big enough piece of the node's bandwidth he might be able to do a CPU DoS. Worse, these would be forwarded across the network, since they are valid SSKs. - When reading SSKs from the datastore, we only need to check the datastore hash, not verify the signature. Therefore, if an attacker repeats blocks, we do not need to reverify them. -- Matthew J Toseland - toad at amphibian.dyndns.org Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20060105/4e81d633/attachment.pgp>
