* Michael Rogers <m.rogers at cs.ucl.ac.uk> [2007-11-14 13:19:31]: > Florent Daigni?re wrote: > > We are not debating the strength of the key here... The only purpose of > > the outter layer encrytion is to avoid cheap pattern matching. > > Agreed, the goal is obfuscation rather than strong encryption. However, > that's orthogonal to the question of whether we need long refs to derive > a suitable key. As far as I can see, we don't. >
Go ahead and suggest something that works then :) > For example, K = hash (A's ref, B's ref, random nonce generated by A). > A's first message starts with the random nonce; the rest of the JFK > exchange is obfuscated using K. > > The length of the refs has no effect on security, but it has a big > effect on darknet usability. We can't do that because if we shorten refs we will have to exchange them "in band"... during the JFK negociation... and that precludes using part of the reference as the key for the outer layer encryption. Needless to say that using only the nonce as the key isn't an option. NextGen$ -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 189 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20071114/509432c1/attachment.pgp>
