SSL/TLS was intended to be used over a protocol providing guaranteed
delivery and guaranteed ordering, and with that presumption it can get
away with block mode dependencies such as you describe. For use over
UDP, with any reasonable threat model, you need to tolerate dropped
packets.
It is a relatively straightforward to implement the same key negotiation
methodologies that SSL uses (one-way and/or two-way signed
Diffie-Hellman key exchange, using certs authenticated in a trust path
that leverages out of band credentials), and then use a stream cipher
that can tolerate dropped packets. This is most commonly done by using
a CTR mode stream cipher in conjunction with a message authentication
system such as HMAC.
In my current p2p implementation, we use DSA certs to sign
Diffie-Hellman terms, which are expanded into session keys for Twofish
crypto and SHA1 HMAC. Each packet contains an IV as a large counter
that increments per packet, which is used to drive the CTR mode cipher.
Before your counter rolls over, negotiate new session keys. CTR mode is
simple to implement, and lets you handle many dropped packets.
Guaranteed delivery can be layered on top of your UDP protocol, and HMAC
makes sure nobody tampered with the packet.
We'll be open sourcing these cryptographic subsystems next year, but not
before we deploy our VR / MMO framework that uses them...
Lemon Obrien wrote:
i know ssl is broken down into 16-byte packet and sent; but it is also
AND'd(i forget the exact terminology) with the previous packet to
doubly encyrpt the stream, so if you break the stream you also have to
break the AND (which start iwth the initialization vactor, which is
determined, or can be, on the fly). If you do udp, and a packet is
lost? wtf do you do? You have to have the previous packet before the
one that was lost to generate the correct data during encryption...
if you do not use the stream-encryption technique your encryption algo
is musch easier to break.
lime.
*/Alexander Pevzner <[EMAIL PROTECTED]>/* wrote:
Lemon,
There is no fundamental reasons, why SSL cannot be used on a top
of UDP.
BTW, the first thing SSL does with TCP is organizing the message-based
protocol on a top of TCP, which is a stream protocol by its nature.
And not all ciphers are slow. For example, RC4 can be quite fast,
and it
considered to be secure when properly used.
Lemon Obrien wrote:
>>>Could a SSL hop-to-hop communication really improve the general
> security of a P2P systems
>
> SSL is TCP based, hop-to-hop implies UDP. I know SSL b/c I've
written a
> driver for the protocol. If you use some type of SSL between
nodes, it's
> be really slow, and each node would have to have its own
certificate.
>
> you can, of course, write your own encryption.
>
> lemon
>
> */Luigi De DonĂ /* wrote:
>
> Hi all,
>
> About the security of a software system based on a P2P protocol :
>
> In a distributed system (P2P) where doesn't exist a Byzantine and
> malicious faults tolerance protocol implementation,
> do you think that an Internet deployment using a closed protocol is
> more secure than using an open protocol ?
>
> Could a SSL hop-to-hop communication really improve the general
> security of a P2P systems ?
>
> Please let me know your opinions.
>
> Thanks,
> Luigi
> _______________________________________________
> p2p-hackers mailing list
> [email protected]
> http://lists.zooko.com/mailman/listinfo/p2p-hackers
>
>
>
>
> You don't get no juice unless you squeeze
> Lemon Obrien, the Third.
>
> http://www.tamago.us
>
>
------------------------------------------------------------------------
> Check out the all-new Yahoo! Mail beta
>
> - Fire up a more powerful email and get things done faster.
>
>
>
------------------------------------------------------------------------
>
> _______________________________________________
> p2p-hackers mailing list
> [email protected]
> http://lists.zooko.com/mailman/listinfo/p2p-hackers
_______________________________________________
p2p-hackers mailing list
[email protected]
http://lists.zooko.com/mailman/listinfo/p2p-hackers
You don't get no juice unless you squeeze
Lemon Obrien, the Third.
http://www.tamago.us
------------------------------------------------------------------------
Cheap Talk? Check out
<http://us.rd.yahoo.com/mail_us/taglines/postman8/*http://us.rd.yahoo.com/evt=39663/*http://voice.yahoo.com>
Yahoo! Messenger's low PC-to-Phone call rates.
------------------------------------------------------------------------
_______________________________________________
p2p-hackers mailing list
[email protected]
http://lists.zooko.com/mailman/listinfo/p2p-hackers
_______________________________________________
p2p-hackers mailing list
[email protected]
http://lists.zooko.com/mailman/listinfo/p2p-hackers
