Hi. This is mostly a paranoia issue, but here goes anyway.
I haven't got a freenet node running at the moment, so my observations are only immediately based on a google search (sorry, didn't have the time recently to keep my node running). Is there a public Freenet node around that I could use for testing? Here is what I have I have noticed. The Freenet's supposedly secure SSK keys (URLs) are 31 bytes long in the format that appears to be Base64 encoded. That is fine. However, I have also noticed that the last 4 entries seem to be repeated with conspicuous regularity. On sites referring to Freenet 0.3 the URLs seem to end with QAgE and in 0.4 with PAgM. I presume this is a "feature". This reduces the key size down to 28 bytes. 128-bits = 16 bytes = 32 characters hex encoded = 20 character Base64 encoded. Am I to assume that these keys are about 128 bits long, with 8 bytes used for something else? Can anyone point me at the correct documentation on the subject? >From what I understand from reading the documentation I found on the main web site, these keys are the same as the inverse of the standard public/private keys a-la PGP. Obviously, the situation is inverted because the files are world readable, but only writeable by the person with the correct key. Anyway, elsewhere I have found that public/private key encryption suffers from weaknesses compared to standard symetri key encryption. So much so, in fact, that to achieve the equivalent of a 128-bit symetric security you have to use a key size of closer to 2500 bits. Does it not follow from that that a freesites' key could be discovered fairly easily, which would allow the site to be defaced, or replaced. Or is the SSK effectively just an MD5 type hash produced from an actual key to provide a unique identifier for a site? If so, then fair enough, it is at least 128-bits big. Can somebody please shed some light on this for me? A link to the correct documentation would be fine (with a page/chapter pointer even more appreciated). Also, what key size is used for different things in Freenet? I have been getting a feeling lately that 128-bit isn't really paranoid enough for a network such as Freenet. Would 256-bit, or even 512-bit keys not be more suitable for future proofing? I am not talking about just data store keys, but about all of the keys. Or is this planned for the future, but largely left alone for now on the basis that the project is still in development and using larger keys would only slow things down needlessly at this stage? Regards. Gordan _______________________________________________ Tech mailing list [EMAIL PROTECTED] http://hawk.freenetproject.org/cgi-bin/mailman/listinfo/tech
