* Matthew Toseland <toad at amphibian.dyndns.org> [2007-10-23 00:45:28]:
> On Sunday 21 October 2007 16:27, you wrote: > > Author: nextgens > > Date: 2007-10-21 15:27:24 +0000 (Sun, 21 Oct 2007) > > New Revision: 15469 > > > > Modified: > > trunk/freenet/src/freenet/node/FNPPacketMangler.java > > trunk/freenet/src/freenet/node/PeerNode.java > > Log: > > JFK: > > * Keep 10 signed exponents in a FIFO queue > > * Serve a new one whenever possible > > * Refill the queue every 30 sec if needed > > > > That's probably better this way. What about the NewArbitraryValue I've > introduced? well you tell me :p > > Increasing it uses more memory, and an attacker could exhaust a larger queue > almost as quickly. However it would allow slightly more forward secrecy under > heavy load. But the difference is marginal: our *real* forward secrecy > depends on how long the connections retain the negotiated keys, not on their > being completely unrelated to one another. I might implement re-keying once the current trunk is released. > > In fact you could argue that it's unnecesary complexity to have a queue at > all, but since the JFK paper suggests it, it's probably a good idea. > > Is 1 *new* DH exponent every 30sec a reasonable rate ? > > Yes. It's a trivial amount of CPU and memory, unlike the cost of creating a > new DH exponent per packet, which is what we'd be doing with STS (one of the > reasons for using JFK). > > Oh and you should synchronize on pn when accessing pn.jfkContext. The below > suggests NPEs. Well, I access it only in sendMessage1 & sendMessage2 and I check if it's null there... That shouldn't be a problem anymore in current trunk. NextGen$ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20071023/e617f8ac/attachment.pgp>
