Hi, I just finished the basic implementation of a longterm plan I had: portable WoT IDs, recoverable with a random password.
→ https://github.com/ArneBab/lib-pyFreenet-staging/commit/7a847a0e3db50948ae2b65ff8171401a0cd0cd9b Basic approach: - Upload the private key to KSK@<common prefix>-<14 letter password>--recovery - Upload metadata to USK@<public key>/<14 letter password>--<type of metadata>/-1 - recovery: download KSK, invert private key, retrieve metadata from USK, re-create WoT identity It would be great if you could doublecheck whether I missed anything which would spill your private key. The current password has an entropy of 75 bits — is that enough? Is it somehow possible to decrypt parts of the store at random in the hope of hitting a random uploaded private key (a variant of the birthday attack against the password which would avoid having to query the network for each check)? Best wishes, Arne -- Unpolitisch sein heißt politisch sein ohne es zu merken
signature.asc
Description: PGP signature
_______________________________________________ Devl mailing list [email protected] https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
