On Fri, Jan 03, 2020 at 10:28:02PM +0900, Schanzenbach, Martin wrote:
> That sounds like it allows anyone to hijack any (established) channel
> after a successful kx.

Oh, transport does not guarantee the identity of nodes so CADET
has to handle authentication itself... great. Still, an attacker
would not be able to hijack a conversation, just break it.. right?

dvn has suggested a different approach, to make the
CADET_CONNECTION_CREATE ensure that both sides have the same
state, so we are looking into adding extra info there (which
I understand would be a breaking protocol change, since gnunet
does not have PSYC's extensibility).

btw, figuring out how CADET tunnels get stuck and stop working
was the amazing work of
                        __                               
                    _|_   >  __  __  __    _  _  | _ _|_ 
                     |  -{  (_  (_  /__) |/  / | |<   |  
                     |_ __> __) __) \___ |   \_|_| \  |_ 

> > Back in the days of PSYC1 I designed it in such a way that if
> > both nodes decide to talk to each other at the same time, they
> > will interpret each other's initiations as the respective
> > responses, resulting in faster link creation.
> 
> That may be ok for the initial handshake, but not for resumptions.

PSYC1 is more on the transport layer from gnunet's perspective,
there is no crypto state to resume.

-- 
  E-mail is public! Talk to me in private using encryption:
   //  http://loupsycedyglgamf.onion/LynX/
  //    irc://loupsycedyglgamf.onion:67/lynX
 //    https://psyced.org/LynX/
