[freenet-dev] Short refs was Re: alternative to #freenet-refs
Matthew Toseland
toad at amphibian.dyndns.org
Mon Nov 19 13:58:41 UTC 2007
On Sunday 18 November 2007 12:03, Michael Rogers wrote:
> Matthew Toseland wrote:
> > The pubkey itself for an SSK cannot be encrypted as a node forwarding an
SSK
> > has to be able to verify the signature. The data of course is encrypted...
> > but if we use the same pubkey for connection setup, we are giving away a
lot
> > of information.
>
> True. We could use the hash of the entire ARK key (including the secret
> part) to generate the obfuscation key - that way a node handling the ARK
> request won't be able to de-obfuscate the handshake.
We could, but this would not help us with short-refs, as we'd have to ship
both the pubkey and the secret decryption key, hence 64 bytes (bad!).
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://emu.freenetproject.org/pipermail/devl/attachments/20071119/2dffe567/attachment.pgp
More information about the Devl
mailing list