sks-devel
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sks-devel] Out of the pool

From: Kiss Gabor (Bitman)
Subject: Re: [Sks-devel] Out of the pool
Date: Fri, 26 Jan 2018 09:48:10 +0100 (CET)
User-agent: Alpine 2.11 (DEB 23 2013-08-11) 
> If enough people are sending the signal to regenerate stats every hour,
> then the distribution of total key counts would cluster around a higher
> value, so that people who rely solely upon daily key generation might
> drop more than two stddevs below the mean (of numbers after outlier
> exclusion).

Geeee! Good hit. :-)

BTW. Let's assume a TLA wants to control HKP traffic of a target
person. (Someone who is worthing some investments like Snowden or
Assange.) A possible attack vector is this:
1. TLA adds a few innocent looking server to the pool.
2. They estimate when the target person will ask the pool.
3. A few hours before the prepared key servers start announce
a fake statistic about number of their keys.
4. Kristian's monitoring software thinks every other servers
miss a few thousands keys and drops them from the pool.
5. Every client connects one of tampered key servers where all
requests and replies are under full control of the operator.

Maybe the monitoring software should not allow the pool to be shrinked
too much. Having many operational server is more important than
keeping the diff low.

Cheers

Gabor
reply via email to
[Prev in Thread] Current Thread [Next in Thread]