[lsd0007] 01/02: Updated TCP communicator message exchange
From: gnunet
Subject: [lsd0007] 01/02: Updated TCP communicator message exchange
Date: Tue, 11 Jun 2024 23:28:32 +0200
This is an automated email from the git hooks/post-receive script.
pedram pushed a commit to branch master
in repository lsd0007.
commit a8954e993a56edf08baedb74548896b2b0b3f703
Author: Pedram Fardzadeh <p.fardzadeh@protonmail.com>
AuthorDate: Tue Jun 11 22:34:07 2024 +0200
Updated TCP communicator message exchange
---
draft-gnunet-communicators.xml | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/draft-gnunet-communicators.xml b/draft-gnunet-communicators.xml
index f028c70..8d1becf 100644
--- a/draft-gnunet-communicators.xml
+++ b/draft-gnunet-communicators.xml
@@ -991,8 +991,10 @@ SetupCipher(MSK):
<t>
TCP Box messages follow the mac-then-encrypt approach to hide the size of
the payload and achieve a zero-plaintext design.
The HMAC utilizes SHA512 as the underlying hash function and is ratcheted
after each operation. Given the mac-then-encrypt
- approach, additional safeguards are needed to protect against oracle
padding attacks. Therefore, we use AES-CTR for encryption,
- as it doesn't require padding.
+ approach, additional safeguards are needed to protect against oracle
padding attacks. Therefore, we <bcp14>MUST</bcp14> use
+ a padding free encryption scheme such as AES-CTR for encryption.
Additionally, we restrict the attacker's ability for replay
+ attacks by exchanging new key material after a fix amount of transferred
data (FIXME: currently 4GB, refer to rekeying process).
+ The necessary key exchanges to establish the new key material are
protected using monotonic timestamps.
</t>
<t>
(FIXME: hmac, MtE discussion, padding-oracle, rekeying).
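Review bot: the normative sentence added in this hunk is not testable as written: "we MUST use a padding free encryption scheme such as AES-CTR" combines a MUST with an example, so an implementer cannot tell whether AES-CTR is mandatory or merely one permitted choice. Either name the required scheme ("implementations MUST use AES-CTR") or state the property being required ("MUST use an encryption mode that needs no padding, for example AES-CTR"). Three wording fixes in the same lines: "oracle padding attacks" should read "padding oracle attacks", "padding free" should be hyphenated as "padding-free", and "after a fix amount of transferred data" should be "after a fixed amount of transferred data". The 4GB rekey threshold is still marked FIXME; when the rekeying section is written, replace the parenthetical with a cross-reference to that section so the threshold is defined in one place.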