[freenet-dev] alternative to #freenet-refs
Michael Rogers
m.rogers at cs.ucl.ac.uk
Wed Nov 14 13:19:31 UTC 2007
Florent Daignière wrote:
> We are not debating the strength of the key here... The only purpose of
> the outter layer encrytion is to avoid cheap pattern matching.
Agreed, the goal is obfuscation rather than strong encryption. However,
that's orthogonal to the question of whether we need long refs to derive
a suitable key. As far as I can see, we don't.
For example, K = hash (A's ref, B's ref, random nonce generated by A).
A's first message starts with the random nonce; the rest of the JFK
exchange is obfuscated using K.
The length of the refs has no effect on security, but it has a big
effect on darknet usability.
Cheers,
Michael
More information about the Devl
mailing list