On Fri, 29 Dec 2000, Brandon wrote:
> Mark:
> > Assuming irregular updating. You would also iterate backwards. But MSKs
> > make inserting a new version so trivial that regular updating is not a
> > problem.
>
> Not a problem if you have always-on Internet access, which not everyone
> does. I consider having to periodically update a guessable key to be not
> totally acceptable for a number of reasons. Not only do you have to have
> regular Internet access, but it also provides a way to track a
> publisher. If you're inserting updates from the same node it might be
> possible to incrementally track you down one hop at a time. This attack
> only requires the ability to snoop one connection at a time, not total
> surveillance over the whole network. Key hashing doesn't help since
> the next key to be inserted is known. Connection encryption doesn't help
> since a MITM attack can be done on each connection between nodes. PKI
> helps somewhat, but irregular updates help a lot.
Ouch. That is very evil. But with a real updating scheme, isn't the exact
same attack possible?
--
Mark Roberts
[EMAIL PROTECTED]
_______________________________________________
Freenet-dev mailing list
[EMAIL PROTECTED]
http://lists.sourceforge.net/mailman/listinfo/freenet-dev
