* Daniel Cheng <j16sdiz+freenet at gmail.com> [2008-08-14 09:47:48]: > On Thu, Aug 14, 2008 at 4:57 AM, Michael Rogers <m.rogers at cs.ucl.ac.uk> > wrote: > > On Aug 12 2008, Matthew Toseland wrote: > >> We can increase the cost significantly and thereby slow the attacker > >> down. It's still possible, but it's no longer trivial, because they have > >> to try every key they are interested in against every block in the store > > > > No they don't. They just unplug the network cable, start the node, and > > request each key they're interested in. Any keys that succeed are in the > > store. > > > > Strictly speaking it's true that obfuscating the store prevents an attacker > > from enumerating the keys it contains, but that's not really relevant > > because the attacker doesn't want a list of the keys in the store - they > > want to know whether certain keys are in the store. If I can find that out > > by starting the node without entering a passphrase then so can they. > > The store is also encrypted with a per-store key. > In case of emergency, > just erasing the key from disk would make the whole store unusable. > > Overwriting 16 bytes is far easier then overwriting the whole store. > > I am not sure if this worth the effort, but this is the reason behind it. >
Maybe we should ask what kind of threat freenet should attempt to protect the user from in the wizard; Recently I have implemented an option not-to encrypt temporary buckets (it doesn't make any sense to re-encrypt them on a system where hard-drive and swap encryption are in use). -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type: application/pgp-signature Size: 197 bytes Desc: Digital signature URL: <https://emu.freenetproject.org/pipermail/devl/attachments/20080814/c814cb99/attachment.pgp>
