gnunet-developers

Re: [GNUnet-developers] A new ECRS?


From: Christian Grothoff
Subject: Re: [GNUnet-developers] A new ECRS?
Date: Tue, 13 Sep 2005 05:22:08 -0700
User-agent: KMail/1.7.2

On Monday 12 September 2005 06:12, Ludovic Courtès wrote:
> One of the most significant changes I can see is that the triple-hash
> scheme for keyword-based indexing has been dropped in favor of the
> keyword-based asymmetric cryptography.  Why is it so?  At first sight,
> it seems that the triple-hash scheme had the nice property of not making
> keyword queries a special case: peers could verify the consistency of a
> keyword response in the same way they do it for block queries, i.e. by
> ensuring that the response's hash matches the query.  With the new
> scheme, keyword queries have to be treated specially by peers.

Well, namespace queries already had to be treated specially, so if you already 
have 2 cases, adding a third one does not really change all that much.  Also 
note that when we changed from ESED to ESED2, we also introduced CHK blocks 
for the data, so we already had 3 cases: CHK, 3HASH and namespaces.  So the 
total uniformity of the blocks was lost already at that point (ESED to ESED2 
was the 0.4.* -> 0.5.* transition, ESED2 -> ECRS is the change in 0.7.0).

More importantly, the triple-hash had one vulnerability (that we were aware of 
from the beginning but could not find a way to fix), which was that an
intermediary could take the double-hash response and replace the data part 
with some garbage.  That kind of malicious modification by a non-guessing 
adversary would not be detectable, leading to corrupted content floating 
indefinitely in the network.  The new KBlock scheme prevents this kind of 
attack.  All the glorious details should (hopefully) be made clear in the 
paper.

Christian
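
Added example, not part of the original message and not GNUnet code: a simplified model of the two relay-side checks discussed above, showing why a relay that does not know the keyword accepts a modified triple-hash reply but rejects a modified signed block. The reply layouts, the type and function names, and the use of SHA-512 and Ed25519 are assumptions made for illustration, not the real ESED2/ECRS formats.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/sha512"
	"fmt"
)

func h(b []byte) []byte { s := sha512.Sum512(b); return s[:] }

// Assumed 3HASH reply: Proof = H(H(K)); Payload is opaque to relays
// (encrypted under a key only keyword holders can derive).
type Reply3 struct{ Proof, Payload []byte }

// The only check open to a relay that knows just the query H(H(H(K))).
// Payload never enters the comparison.
func Verify3Hash(query []byte, r Reply3) bool { return bytes.Equal(h(r.Proof), query) }

// Assumed KBlock: key pair derived from the keyword, payload signed with it.
type KBlock struct {
	Pub          ed25519.PublicKey
	Sig, Payload []byte
}

// Publisher side: returns the query (hash of the public key) and the block.
func NewKBlock(keyword string, payload []byte) (query []byte, b KBlock) {
	priv := ed25519.NewKeyFromSeed(h([]byte(keyword))[:ed25519.SeedSize])
	pub := priv.Public().(ed25519.PublicKey)
	return h(pub), KBlock{pub, ed25519.Sign(priv, payload), payload}
}

// Relay check: the key matches the query AND the signature covers the payload.
func VerifyKBlock(query []byte, b KBlock) bool {
	return len(b.Pub) == ed25519.PublicKeySize &&
		bytes.Equal(h(b.Pub), query) && ed25519.Verify(b.Pub, b.Payload, b.Sig)
}

func main() {
	k := []byte("constructed-keyword") // constructed sample input
	r := Reply3{h(h(k)), []byte("ciphertext")}
	r.Payload = []byte("garbage") // data part replaced by a relay
	fmt.Println("3HASH relay accepts modified reply:", Verify3Hash(h(h(h(k))), r))

	q, b := NewKBlock("constructed-keyword", []byte("ciphertext"))
	b.Payload = []byte("garbage")
	fmt.Println("KBlock relay accepts modified reply:", VerifyKBlock(q, b))
}
```

In this model anyone who knows or guesses the keyword can derive the same key pair, so the signature check only constrains the non-guessing adversary the message refers to.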



