On Friday 01 February 2008 17:00, Robert Hailey wrote: > > On Jan 31, 2008, at 11:03 AM, Robert Hailey wrote: > > >> How do you authenticate the routed pings, to prevent an attacker from > >> replying on behalf of another node? > > > > Excellent question. Surely the "true/false" response of present is > > woefully inadequate. Since we have a direct connection to the peer > > that we are pinging a challange-and-response mechanism is easy, no? > > > > Consider node "B" who is between "A" & "C" (A-B-C). He tells "C" a UID > > & Secret [a randomly generated long?], and "C" stores that secret/uid > > as part of our peernode record. Node "B" then sends node "A" a routed > > ping with the same UID, and if node "A" returns the pong with the > > correct secret it is a success. > > I was supposing that these pings would be sent at less-than-max htl > (since we are not searching the network but doing a connectivity > test), but wouldn't that possibly allow an attacker to learn who your > peers are? > > That is, if an attacker has a node connected to your node and your > peers node, he could put together the ping from yours, the reply from > your peer, plus the fact that the reply comes from a node of the same > location as the ping, and be reasonably sure he is your peer. Whereas > with the probabilistic decrement at the real maxHTL, they could not be > nearly so sure.
He can already know this, because of swapping. -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20080201/470d99a7/attachment.pgp>
