On Thu, Sep 22, 2005 at 05:48:37PM -0400, Juiceman wrote:
Wasn't there an idea to have a separate encrypted user store with a
key that is only in ram? When a person turns off their node or
computer the user store is essentially unreadable and would be erased
on next start-up? Locally
On Thu, Sep 22, 2005 at 05:48:37PM -0400, Juiceman wrote:
> Wasn't there an idea to have a separate encrypted user store with a
> key that is only in ram? When a person turns off their node or
> computer the user store is essentially unreadable and would be erased
> on next start-up? Locally
Matthew Toseland wrote:
> That's not the point. We already intend to make HTL=0 attacks
> infeasible, and they go well beyond datastore probing (think social
> engineering with NIM forms, Frost posts; put a different KSK/SSK on each
> node).
>
> The point is, you can still time it, and there's no
Matthew Toseland wrote:
> No, but it might not cache it in the first place if it's the result of a
> local request. This is to beat the Register attack. Unfortunately it
> means that you are highly vulnerable to your immediate neighbours. It is
> possible to increase the effort needed to break
I have heard somewhere that in the 0.7 your node might chose not to give a
block that it
has, in order to protect the anonymity. Is that true? If so will that also
apply at HTL=0?
--
===
Contact details:
Alt e-mail: k0324474 at kingston.ac.uk
ICQ: 253627744
Frost: VolodyA! V A at
No, but it might not cache it in the first place if it's the result of a
local request. This is to beat the Register attack. Unfortunately it
means that you are highly vulnerable to your immediate neighbours. It is
possible to increase the effort needed to break your anonymity somewhat
at the cost
Matthew Toseland wrote:
No, but it might not cache it in the first place if it's the result of a
local request. This is to beat the Register attack. Unfortunately it
means that you are highly vulnerable to your immediate neighbours. It is
possible to increase the effort needed to break your
That's not the point. We already intend to make HTL=0 attacks
infeasible, and they go well beyond datastore probing (think social
engineering with NIM forms, Frost posts; put a different KSK/SSK on each
node).
The point is, you can still time it, and there's no real way to beat
timing attacks in
On Thu, Sep 22, 2005 at 10:39:33PM +0100, Volodya Mozhenkov wrote:
Matthew Toseland wrote:
That's not the point. We already intend to make HTL=0 attacks
infeasible, and they go well beyond datastore probing (think social
engineering with NIM forms, Frost posts; put a different KSK/SSK on each
Wasn't there an idea to have a separate encrypted user store with a
key that is only in ram? When a person turns off their node or
computer the user store is essentially unreadable and would be erased
on next start-up? Locally requested content would only be kept there.
On 9/22/05, Matthew
On Thu, Sep 22, 2005 at 05:48:37PM -0400, Juiceman wrote:
Wasn't there an idea to have a separate encrypted user store with a
key that is only in ram? When a person turns off their node or
computer the user store is essentially unreadable and would be erased
on next start-up? Locally
11 matches
Mail list logo