On Sunday 26 Jan 2003 6:23 pm, Davide Venturelli wrote:
> I see.
> How can you get this node-to-node encryption?
> Should every node hold a copy of the public key of its "neighbours"
> nodes?
> In other words... you talked about DSA (or DSS?)... what is it
> "approximately"? I found that it has something to do with signatures..
> May you help me to demystify the mechanism behind the Node-to-Node
> communication?

Nodes can exchange their public keys without encryption, because this information doesn't need to be encrypted. If you were really paranoid, you could establish an initial encrypted connection using the DH (Diffie-Hellman) key exchange protocol to exchange the public keys, but this isn't strictly necessary for public key exchange. Still, I do believe Freenet nodes do use this method as well just to make things even more difficult, judging by the information on the "environment" report on the node.

Then, the node initiating the connection encrypts the session key it randomly generates for that session using the receiving node's public key, and sends it. The target node decrypts the symmetric session key using its private key, and now the two nodes share a secret key they can use for symmetric encryption of their communication.

The reason asymmetric encryption is only used for the exchange of the symmetric crypto keys is because symmetric cryptography is much faster and more secure, provided you can ensure the security of the key.

I'm sure Matthew will correct me if I'm wrong in anything I've said here. :-)

HTH.

Gordan

_______________________________________________
Tech mailing list
[EMAIL PROTECTED]
http://hawk.freenetproject.org:8080/cgi-bin/mailman/listinfo/tech
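
The session setup described in the reply above, as an added example that is not part of the original message and is not Freenet's code. RSA-OAEP, AES-256-GCM and every function name here are assumptions of the example (the message names no algorithms for these steps), and it assumes the initiator already holds an authentic copy of the receiver's public key.

```javascript
// Added example (Node.js): hybrid session setup between two nodes.
// Algorithm choices are assumptions of this sketch, not Freenet's protocol.
const crypto = require('crypto');

const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Each node owns a long-term key pair; only the public half is ever sent.
function newNodeKeys() {
  return crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
}

// Initiator: generate a random session key and wrap it for the receiver.
function initiateSession(receiverPublicKey) {
  const sessionKey = crypto.randomBytes(32);
  const wrappedKey = crypto.publicEncrypt({ key: receiverPublicKey, ...OAEP }, sessionKey);
  return { sessionKey, wrappedKey };
}

// Receiver: recover the session key with its private key (throws for any other key).
function acceptSession(receiverPrivateKey, wrappedKey) {
  return crypto.privateDecrypt({ key: receiverPrivateKey, ...OAEP }, wrappedKey);
}

// Symmetric traffic: fresh 96-bit nonce per message; frame = nonce | tag | ciphertext.
function seal(sessionKey, plaintext) {
  const iv = crypto.randomBytes(12);
  const cipher = crypto.createCipheriv('aes-256-gcm', sessionKey, iv);
  const body = Buffer.concat([cipher.update(plaintext, 'utf8'), cipher.final()]);
  return Buffer.concat([iv, cipher.getAuthTag(), body]);
}

// Returns the plaintext, or null if the key is wrong or the frame was altered.
function unseal(sessionKey, frame) {
  try {
    const decipher = crypto.createDecipheriv('aes-256-gcm', sessionKey, frame.subarray(0, 12));
    decipher.setAuthTag(frame.subarray(12, 28));
    return Buffer.concat([decipher.update(frame.subarray(28)), decipher.final()]).toString('utf8');
  } catch (err) {
    return null;
  }
}

// Constructed demo: node A opens a session to node B and sends one message.
function demo() {
  const nodeB = newNodeKeys();
  const { sessionKey, wrappedKey } = initiateSession(nodeB.publicKey);
  const keyAtB = acceptSession(nodeB.privateKey, wrappedKey);
  return unseal(keyAtB, seal(sessionKey, 'constructed test message'));
}
```

Only `wrappedKey` and the sealed frames cross the wire; the session key itself never does, and a frame modified in transit is rejected rather than decrypted.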
