On Fri, May 05, 2000 at 12:16:35AM -0700, Greg Retkowski wrote: > On Thu, 4 May 2000, Oskar Sandberg wrote: > > > We have discussed this previously. A simple password scheme does not work > > for > > updating data on Freenet, even if the password can be validated because it > > appeared in hashed form in the previous version. The problem is that some > > node > > must get the the update first, and then, having the password, that node can > > replace your data with anything else on all the other nodes. > > Granted, this approach puts a degree of trust in the node(s) recieving the > update. It brings up another issue though. When the author inserts the > initial revision, does he not have to trust the server nodes to not alter > his data? If I (or a server) request a key for the first time, do I have > any way to know if the server sending the key is really sending what it > recieved? Or could that node alter the data without anyone being the > wiser? There could also be the rare instance of two people inserting the > same key at the same time on different servers. If I was the > author I could sign the document with a cryptographic key which the reader > would have to obtain and validate out of band (i.e. get my public key via > email) or make the SHA1 hash some way publically known.. I would do this > for revisions also.
If each node makes sure that the modified document is authenticated by the same person who created the original document, instead of just the first node that receives the document making sure that it is authenticated (this requires cryptographic authentication - password schemes aren't close to secure), then modification is not a threat. This is because a node which would try to modify the document could not create a signature for the document which will appear to have used the same private key that the document's creator used because the node only knows the creator's public key. You need a private key to create a signature, and someone else needs your public key to verify that you created the signature. However, no one other that you has your private key, so no one other than you can make a signature which says that you created the document. This defeats the threat of a node modifying your data in transit because if it passes the modified data onto other nodes, those other nodes would notice that the signature does not match up to the document and the document creator's public key. If a malicious node did go an make a new key for the document, this would still happen because the key would not match up with your public key. > Yes, the hash idea may not be a solution for updates, but it has been > noted that it is secure for deletes. > > As an update soution it is weak, but not the weakest link in the chain as > that would be the original insert. As said above, cryptographic authentication would defeat attempts by nodes to modify your data. > Do some of the voting schemes address this? somewhat.. But they would also > apply to updated data as well. > > > Updating documents has to require asymmetric crypto because you have > > to be able to identify yourself as the previous author without giving > > them a chance to identify themselves as the authors. > > As long as the original was not altered by a server along the way.. You do have a point there, but if someone later tried to verify the document with the author's public key at a node after where the document got modified, the verification would come up false. However, if the public key that was attached to the document as metadata also got modified and the signature was modified to reflect both of these modifications, verifying with the real public key would still fail. > > And whatever sense there was in Greg Retkowski's post I did not find > > myself very interested in, seeing as it was overshadowed by his > > complete ignorance and arrogance as to the rest of Freenet and our > > goals. > > I appreciate your understanding and helpful comments; perhaps I should > have stated in my earlier message that I have just joined the mailing list > and therefore at a loss as to what has already been discussed. Oh wait, I > did say that. > > I think in the end some form of revision based update system is probably > the most flexable. It still leaves the sticky problem of how new revisions > get 'discovered' by nodes though.. > > -- Greg > > Greg Retkowski Mail: greg at rage.net > Raging Network Services URL: http://www.rage.net/ > > > > _______________________________________________ > Freenet-dev mailing list > Freenet-dev at lists.sourceforge.net > http://lists.sourceforge.net/mailman/listinfo/freenet-dev -- Travis Bemann My mailing software is misconfigured. My email address should be bemann at execpc.com, not bemann at bemann. _______________________________________________ Freenet-dev mailing list Freenet-dev at lists.sourceforge.net http://lists.sourceforge.net/mailman/listinfo/freenet-dev
