On 2004-08-04T19:27:56+0200, Martin Scheffler wrote:
> Kendy Kutzner wrote:
> > On 2004-08-04T14:50:52+0200, Zenon Panoussis wrote:
> > > Traffic
> > > analysis might help me figure who made a request and who served
> > > it, but I still have to break encryption before I can figure
> > > which file that request concerned.
> >
> > That is not entirely true. The files are encrypted with keys
> > based on the file's content. When the file content is known, then
> > routing keys can be computed.
> No, this description is inaccurate!
> When you know the _exact_ file contents, you don't need freenet. And 
> besides, the very same text or data with just one bit changed is a new 
> key, this means you are only able to scan for well-known data.

No doubt in that. When I'm talking about file content, of course
I mean _exact_ file content. And why Alice, Bob and Carol don't
need Freenet when Eve also can browse the freesites?

> The SHA1 hash from the original and unencrypted data is used as encryption 
> key. The data is encrypted with that (You can not get back the encryption 
> key without decrypting first).
> Then, some other data is added for routing and checking, and the SHA1 hash 
> of the whole piece makes up the "routing key", this is what you see while 
> proxying and caching the key data.

So where is the inaccuracy in 'when the [exact] file content is
known, then routing keys can be computed'?

What I wanted to say: Eve also can spider Freenet and can know a
lot of content _exactly_. Therefore it can compromise
intermediate hosts and do much easier traffic analysis.



Attachment: pgpnvzH5rx5vd.pgp
Description: PGP signature

Support mailing list
Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support

Reply via email to