On Tuesday 9. November 2010 19:49:39 Matthew Toseland wrote: > What are your thoughts on this issue? IMHO the moment we encrypt two > packets with the same key and the same sequence number game over. We need > to be absolutely sure we will rekey before that happens, and if the rekey > fails we will disconnect. The other option - using a very long counter - > is interesting, possibly in combination. What does the packetFormat branch > do now?
I agree that we can't let the sequence numbers wrap since we use them for crypto. c73cce16..026a2845 implements the first solution you mentioned, refusing to send packets until after a new rekey (and starts one when needed of course). b2ca18a8 improves it sligthly by starting the rekey 100 packets before we would stop sending (this number should probably be higher, or based on how fast we send packets). As for the message ids, we are safe for now because the window is so small, but I'll try to add some more checks just to make sure. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 198 bytes Desc: This is a digitally signed message part. URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20101113/09b18907/attachment.pgp>
