Re: CADET protocol: Anna or Betty?
From: carlo von lynX
Subject: Re: CADET protocol: Anna or Betty?
Date: Fri, 3 Jan 2020 15:23:43 +0100
User-agent: Mutt/1.5.20 (2009-06-14)

On Fri, Jan 03, 2020 at 10:28:02PM +0900, Schanzenbach, Martin wrote:
> That sounds like it allows anyone to hijack any (established) channel
> after a successful kx.

Oh, transport does not guarantee the identity of nodes so CADET
has to handle authentication itself... great. Still, an attacker
would not be able to hijack a conversation, just break it.. right?

dvn has suggested a different approach, to make the
CADET_CONNECTION_CREATE ensure that both sides have the same
state, so we are looking into adding extra info there (which
I understand would be a breaking protocol change, since gnunet
does not have PSYC's extensibility).

btw, figuring out how CADET tunnels get stuck and stop working
was the amazing work of
__
_|_ > __ __ __ _ _ | _ _|_
| -{ (_ (_ /__) |/ / | |< |
|_ __> __) __) \___ | \_|_| \ |_

> > Back in the days of PSYC1 I designed it in such a way that if
> > both nodes decide to talk to each other at the same time, they
> > will interpret each others' initiations as the respective
> > responses, resulting in faster link creation.
>
> That may be ok for the initial handshake, but not for resumptions.

PSYC1 is more on the transport layer from gnunet's perspective,
there is no crypto state to resume.

--
E-mail is public! Talk to me in private using encryption:
// http://loupsycedyglgamf.onion/LynX/
// irc://loupsycedyglgamf.onion:67/lynX
// https://psyced.org/LynX/