Tom Gundersen wrote in message <cag-2hqvcvqfpgqeaagxbp0ztc+30dfd_lc5+shwnhobmsx8...@mail.gmail.com>: > If I understand correctly, most of the point of RFC7217 is achieved > even if the secret key is known. The important point is to have a good > hashing function, and in that case knowing the secret key will not let > you discover any of the other parameters (which are the ones you > really want to hide).
Well if you know the secret key and the hash, you can do an exhaustive search on the other parameters to recover them since they have low entropy. > Moreover, if the point is privacy, if an attacker has access (in some > way) to the machine-id, there is no point in him going after the > interface identifier as he can already identify the client. > Given those two facts, might it not be sufficient to use the > machine-id as the secret key after all? It all depends on your model of security. You could imagine an attack where an attacker known several machine-ids (for whatever reason, I can imagine for instance a client downloading a vm preseeded with a machine-id). Then when the client connects to the attacker, the attacker can try to hash all his known machine-ids and the other low entropy parameters into the hash function to get a match, in order to recover the machine-id and hence break privacy. _______________________________________________ systemd-devel mailing list [email protected] http://lists.freedesktop.org/mailman/listinfo/systemd-devel
