Matthew Toseland wrote:
>> That means the ref can be around 38 bytes (IP address + port + hash) -
>> small enough to exchange over the phone, IRC, etc.
>
> Not if we want to remain undetectable. We need a key for the outer encryption
> wrapper.

Sorry, I don't follow - do you mean JFK takes place (or should take place) inside another layer of encryption? How is the key for the outer layer exchanged? To avoid CPU DoS it has to be a symmetric key, and to avoid an infinite regress of key agreement protocols it has to be derived non-interactively from the contents of the refs. Therefore it can't be secure against an attacker who's seen both the refs, regardless of how much information they contain - so what's the advantage of long refs?

Cheers,
Michael
