> 
> I am not sure, but the concept is simple.  Basically node addresses will
> also include a public key, so that any node which wishes to send a message
> to a node must encrypt it using the public key.  Right now a DH
> key-exchange is used, which (while a super-clever piece of mathematics),
> is vulnerable to "man in the middle" attacks.  A PK mechanism should make
> such an attack much more difficult (and - Scott, correct me if I am wrong
> - should be faster than DH).
Well, we tried to have that as a design goal, but I didn't come up with
that.  Couldn't have faster and forward-secure at the same time.  We did
keep it to one pass though, so it's no worse than DH as far as network comm
is concerned.  Slightly more computation though (maybe another 100 ms
max).



_______________________________________________
Freenet-dev mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/mailman/listinfo/freenet-dev
