On Friday 24. December 2010 16:26:59 Matthew Toseland wrote: > On Tuesday 21 December 2010 23:18:50 Martin Nyhus wrote: > > At the moment I'm not using the first bit of the sequence number for some > > reason (that I can't remember). > Worth checking but not critical.
I've already done it, but the extra complexity might not be worth it. Feel free to ask me to revert it if you agree. > > There is also the problem of message ids > > wrapping within the watchlist window, but I don't think it can happen > > with the current code unless the sender actively makes it happen. > Right. Well, if it's not going to happen naturally, it's an exploit, but > AFAICS it's not a useful exploit, right? I thought about this over the weekend and I've convinced myself that it can't happen unless the sender uses only every ~1000th message id, and I can't see that happening without changing the code. If it were to happen it would be possible to replace parts of a message with the same parts of an earlier message with the same id. Some numbers: Assuming we can send 1400 messages in a packet (way too high...) we can send 1.4M messages in the window, which isn't anywhere near the number needed for wrapping the ids (2^28 or ~268M). In practice I'd say the average number of messages per packet is roughly 10. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: This is a digitally signed message part. URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20101227/ec903bb2/attachment.pgp>
