[mnet-devel] What does EGTP do that a PGP message doesn't

Artimage artimage at shockwave.concernd.com
Mon Oct 6 15:50:41 BST 2003


I want link encryption.

"Why?" you ask...

Because I want to run mnet while on client sites. And I don't want them to
know what I am running. Sure, if they knew about mnet and were running a
node they might notice, but if my traffic is unencrypted they definitely
will.

I like link encryption.

Art.-

On Fri, 3 Oct 2003, Zooko O'Whielacronx wrote:

>
> > On the crypto level, what does EGTP do that a PGP encrypted and signed
> > message doesn't do?
>
> It protects initiators from an attacker replaying a response that a server
> sent.  That is: it gives an "at-most-once" guarantee to initiators.
>
> Since it doesn't give such a guarantee to responders -- only to initiators --
> it is hardly valuable in practice.  Actually, even if it *did* work on both
> sides it wouldn't be useful for Mnet v0.6 or Mnet v0.7.  Nor would PGP, SSL, or
> any other form of encryption of the chatter that passes between peers.
>
> I still stand by what I posted earlier [1]:
>
>     """
>     I have a radical suggestion: drop link encryption and use normal Twisted
>     TCP connections.  Anything that I could learn from hacking into your ISP
>     and sniffing your TCP connections I could learn more easily by running an
>     Mnet node and peering with your Mnet node.
>
>     Maybe in the future Mnet will have features like one-hop-privacy,
>     friendnet, or something else that makes that statement untrue, but in the
>     future we can add link encryption back in.  Until then, if you (icepick)
>     are spending your time implementing link encryption, you're probably
>     wasting your time as far as real-world privacy or security goes.
>
>     (Note that block encryption does actually serve a useful privacy purpose,
>     and I think we should keep it as it is currently defined and implemented in
>     ZNFF.)
>     """
>
> Consider a current, realistic, attack scenario: some nefarious organization is
> going to spy on the user's transmissions and then sue them for tens of
> thousands of dollars.  Does this nefarious organization achieve this by
> wiretapping at ISPs and interpreting the unencrypted transmissions?
>
> No, it achieves this by running a node and peering with the intended victims.
>
> Encrypting the peer-to-peer comms at this point is putting bars over your
> windows while the front door is standing open.
>
>
> Regards,
>
> Zooko
>
> [1] http://sourceforge.net/mailarchive/message.php?msg_id=6077291
>
>
>
> -------------------------------------------------------
> This sf.net email is sponsored by:ThinkGeek
> Welcome to geek heaven.
> http://thinkgeek.com/sf
> _______________________________________________
> mnet-devel mailing list
> mnet-devel at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/mnet-devel
>
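
The "at-most-once" guarantee for initiators discussed in this thread, as an added example that is not part of either message and is not EGTP's actual wire protocol (the thread does not describe it): a response that is only signed can be replayed, while one bound to the initiator's fresh per-request nonce is accepted once. HMAC stands in for a PGP signature, and the key, names and message bodies are constructed for illustration.

```python
import hashlib
import hmac
import os

KEY = b"constructed-demo-key"  # assumption: stand-in for the responder's signing key

def sign(data: bytes) -> bytes:
    # HMAC stands in for a PGP signature so only the stdlib is needed.
    return hmac.new(KEY, data, hashlib.sha256).digest()

def respond(nonce: bytes, body: bytes):
    # Responder keeps no nonce record, so a replayed request is answered again.
    return body, sign(nonce + body)

class Initiator:
    def __init__(self):
        self.pending = set()

    def new_request(self) -> bytes:
        nonce = os.urandom(16)  # fresh per request, fixed length
        self.pending.add(nonce)
        return nonce

    def accept_signed_only(self, body, tag) -> bool:
        # Signed-message model: a valid signature is all that is checked.
        return hmac.compare_digest(tag, sign(body))

    def accept_bound(self, nonce, body, tag) -> bool:
        # The response must answer an outstanding request, and only once.
        if nonce not in self.pending:
            return False
        if not hmac.compare_digest(tag, sign(nonce + body)):
            return False
        self.pending.discard(nonce)
        return True

def demo() -> dict:
    ini, body = Initiator(), b"constructed response"
    plain = (body, sign(body))
    n1 = ini.new_request()
    bound = respond(n1, body)
    return {
        "signed_only_first": ini.accept_signed_only(*plain),
        "signed_only_replay": ini.accept_signed_only(*plain),
        "bound_first": ini.accept_bound(n1, *bound),
        "bound_replay_same_request": ini.accept_bound(n1, *bound),
        "bound_replay_new_request": ini.accept_bound(ini.new_request(), *bound),
        "responder_answers_replay": respond(n1, body) == bound,
    }
```

The last entry shows the asymmetry noted in the quoted reply: the responder in this sketch cannot tell a replayed request from a fresh one.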

