Thanks a lot Keith! I completely understand the implications of reusing a sequence, so I will make sure states are not resumable more than once :)
On Wed, Nov 9, 2016 at 8:03 PM, Keith Winstein <kei...@cs.stanford.edu> wrote: > Hello Carlos, > > Sounds cool! I think you will need to save every state newer than the > "throwaway number," because the other side is allowed to reference that > state (or any newer state that you have acked) in building a new diff. > > My main fear with these saved states is that a user would somehow be able > to try "resuming" the same session twice, from the same save file. That > will result in the same sequence number being reused, which would be > cryptographically catastrophic. So any implementation that allows > "resuming" from a saved state must ensure that the saved state is destroyed > as part of the resumption. > > -Keith > > On Wed, Nov 9, 2016 at 3:14 PM, Carlos Cabanero <carlosecaban...@gmail.com > > wrote: > >> I have started to work on “Persistent Connections” for Blink with great >> success! For background, these are the related GH issues ( >> https://github.com/mobile-shell/mosh/issues/394) and ( >> https://github.com/blinksh/blink/issues/59). >> >> >> I hacked together - as in I have hardcoded most of the stuff - a simple >> version that is able to save a session to disk and reconstruct it given the >> previous key. Turns out it was all a lot easier than I thought, without >> requiring hardcore object serialisation. States (timestamp, sequence nonce >> and content) can be dropped to disk as if they were going to be sent over >> the network, and reconstructing the states to the initial >> Terminal::Complete and Network::UserStream objects is straightforward with >> the diff functions. >> >> >> There is the question of how many states should be saved, from reading >> the code I guess the answer is all of them, from my test only the latest >> acked one was enough - but again, crappy test. >> >> >> Another obvious security concern as the states contain information from >> the terminal in a completely readable format. Could that be encrypted again >> with the key before saving? In the case of iOS I can save the secure key to >> the keychain. But I think that on top of that, saving the session with a >> Passphrase might be a good idea. >> >> >> I understand that this might only be useful in Blink, but any guidance >> would be appreciated. In the same manner, if you change your opinion, I'm >> more than happy to walk the extra mile and make it work for everyone. >> >> >> Thanks a lot!! >> >> _______________________________________________ >> mosh-devel mailing list >> mosh-devel@mit.edu >> http://mailman.mit.edu/mailman/listinfo/mosh-devel >> >> >
_______________________________________________ mosh-devel mailing list mosh-devel@mit.edu http://mailman.mit.edu/mailman/listinfo/mosh-devel
