On Tue, Jun 20, 2006 at 09:35:45AM +0200, freenetwork at web.de wrote: > > What about this? > > John Doe > VOIP: 555-555-1212 > e-mail: JohnDoe at hushmail.com > Freenet URL: KSK at MySecretPage > > Where the KSK is just a meta-redirect to an USK at blafasel/-1/ freesite. > Done and I'm sure nobody I don't even know messes with the index.
Good point. > > Maybe KSKs are not *that* secure as SSK/USK are, but neither the index is. > Whereas KSKs can only by compromized by a network split or bad routing (and > having to know the KSK-key in forehand to insert bogus data to), the index > can be manipulated *at will* as it's under the control of a single > person/org, that can be forced by The Guys to > tamper the index. KSKs are squattable. However if you find a suitable human readable key which isn't squatted, you can use it reasonably securely. > As 0.7 doesn't have a HTL-field anymore, modifying KSKs is even more > difficult. On an insert collision, the valid KSK is returned along all the > request chain, which distributes the original key even more (if it goes into > the datastore). The chain is now longer as with 0.5, > and with 0.5 the attacker could set a HTL of 2 or 3, which "infects" nearby > nodes without collision. It's better than that actually. Not only do we return the previous data, we also insert it! An insert attempt which collides will propagate the old data, for the full insert path. An attacker could still insert with a low HTL admittedly (they'd have to hack the node), although even then it would go more hops - potentially many more hops - than the HTL. -- Matthew J Toseland - toad at amphibian.dyndns.org Freenet Project Official Codemonkey - http://freenetproject.org/ ICTHUS - Nothing is impossible. Our Boss says so. -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20060620/3efa9fbf/attachment.pgp>
