Re: [GNUnet-developers] key exchanges [updated, resend]

gnunet-developers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [GNUnet-developers] key exchanges [updated, resend]

From:	Jeff Burdges
Subject:	Re: [GNUnet-developers] key exchanges [updated, resend]
Date:	Fri, 28 Aug 2015 16:28:59 +0200

Dominic,

I should probably read the chosen protocol attack paper, not sure I
understand it, but..

In, Protocol 6, there HMACs with a protocol identifier K in the first
and second message, presumably making them both commit to the protocol
choice early, thus limiting port scanning.

In trip 1, Alice reveals the protocol K she speaks to Bob.  As I
understand it everyone knows K, that's problematic in countries like
Russia that outlaw many protocols.  I suppose Bob could ask to change
the protocol choice in trip 2, but that's equally problematic.

If one or both should commit early to the protocol, then maybe a better
approach is : Trips 1 and 2 could contain (x, KDF(r,K,x)) where x = a_p
and b_p, respectively, and then reveal (r,K) in trips 3 & 4. 

Jeff

p.s.  Are you using an HMAC here because an HMAC can use a faster hash
function than SHA512?

signature.asc
Description: This is a digitally signed message part

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [GNUnet-developers] key exchanges [updated, resend], (continued)

Prev by Date: Re: [GNUnet-developers] [GSoC] Guix + GNUnet: report
Next by Date: Re: [GNUnet-developers] [GSoC] Guix + GNUnet: report
Previous by thread: Re: [GNUnet-developers] key exchanges [updated, resend]
Next by thread: [GNUnet-developers] [GSoC] GNUnet + Guix
Index(es):
- Date
- Thread