So, you want to set up a web-of-trust on Freenet?

> Pondering the whole public-key integrity & man in the middle attack problem,
> a thought occurred to me:-
> It should be possible to devise a peer-based system similar to freenet for
> the distribution of public-key data in an attack resistant manner.
> Essentially, such a system could use encrypted links between each peer in
> the system, where the shared-secret for each link is initially exchanged
> using public-key crypto. To prevent the attack being shifted to the
> replacement of the public-keys of the nodes, the public key of the first
> node any new node connects to could be transferred over a trusted channel,
> or the fingerprint of the key could be confirmed. Once the first few
> trustworthy keys are established, the link can then be used to transfer the
> public keys of other nodes in the network the client wishes to connect to,
> and the network can then be used to request any public-key that has been
> placed on the network (perhaps indexed by email address, so plugins could be
> made for major mail clients to securely retrieve public keys of any person
> you wish to send data to).
> Each client in the network can store, along with the key itself, data on the
> trustworthiness of that public key, based on what sources it was obtained
> from, and whenever a key is requested, the trustworthiness value depends on
> how many channels the key was received on, and the trustworthiness value of
> each. - This system could be refined further to give an accurate idea of how
> trustworthy a given key is.
> Since the keys are delivered over multiple different links through the
> network, and the actual links are encrypted (with the links directly or
> indirectly verified over a secure channel such as a telephone conversation
> or physical meeting), replacing or corrupting a key would require that at
> least one node on every path from datastore to requester be malicious, a
> feat that, in any reasonably sized and well-connected network should be
> next-to impossible. Naturally, interfering would be easier, as any malicious
> node could return a key of its own, but this is certain to be detected
> since multiple different keys would be returned for a request.
> I realise this system will not give perfect trustworthiness, but I think it
> could be a massive improvement on systems such as http-requests to retrieve
> public keys.
> Questions, comments? Does anyone see this as a practical or desirable
> scheme? Does anyone see obvious flaws or reasons this would not work?
>
> Thanks,
>
> Nick Johnson
>
> --Crossposted to sci.crypt and the freenet-tech mailing list--
>
>
> _______________________________________________
> freenet-tech mailing list
> [EMAIL PROTECTED]
> http://lists.freenetproject.org/mailman/listinfo/tech
>
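The multi-channel check described in the quoted proposal above, as an added example that is not part of the original thread: a requester collects the key fingerprint returned over each verified link, flags a conflict when different keys come back, and scores agreement across channels. The proposal gives no formula, so the combination rule (channels treated as independent), the acceptance threshold, and all names and sample values are assumptions constructed for illustration.

```python
from collections import defaultdict
from math import prod

# Constructed sample data: trust assigned to each directly verified link.
LINK_TRUST = {"alice": 0.9, "bob": 0.8, "carol": 0.5, "mallory": 0.3}


def assess_key(responses, link_trust):
    """Score the fingerprints returned for one key request.

    responses:  {peer_id: fingerprint}, one answer per linked peer
    link_trust: {peer_id: float in [0, 1]}
    Returns (scores, conflict); scores maps fingerprint -> value in [0, 1].
    """
    channels = defaultdict(list)
    for peer, fingerprint in responses.items():
        # A peer whose link was never verified contributes no trust.
        channels[fingerprint].append(link_trust.get(peer, 0.0))
    # Assumed rule: a fingerprint is wrong only if every channel that
    # delivered it is bad, so combine as 1 - product(1 - t_i).
    scores = {fp: 1.0 - prod(1.0 - t for t in ts)
              for fp, ts in channels.items()}
    # Different keys for the same request means some node interfered.
    conflict = len(scores) > 1
    return scores, conflict


def accept(responses, link_trust, threshold=0.9):
    """Return the fingerprint to use, or None if it cannot be trusted yet."""
    scores, conflict = assess_key(responses, link_trust)
    if conflict or not scores:
        return None  # needs out-of-band confirmation (phone, meeting)
    fingerprint, score = next(iter(scores.items()))
    return fingerprint if score >= threshold else None


if __name__ == "__main__":
    agreeing = {"alice": "AA11", "bob": "AA11", "carol": "AA11"}
    tampered = {"alice": "AA11", "bob": "AA11", "mallory": "BB22"}
    print(assess_key(agreeing, LINK_TRUST), accept(agreeing, LINK_TRUST))
    print(assess_key(tampered, LINK_TRUST), accept(tampered, LINK_TRUST))
```

Note that a single substituted key blocks acceptance here rather than being outvoted, which matches the proposal's point that interference is detectable even when it cannot be prevented.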
