Consider implementing this also on MUTE

Status: Beta

Brought to you by: jcr13

Consider implementing this also on MUTE

Forum: Open Discussion

Creator: Roberto Rossi

Created: 2004-10-16

Updated: 2013-06-05

Roberto Rossi - 2004-10-16

New node identification system: it will make computationally impossible a MIM attack.

Details:
The idea is to use a particular DS (Digital Signature) public key as node ID on the net. The key (node ID) will be changed each time you run the sofware and it will be generated in couple with a private one. You'll use your private one to sign your messages so that everyone on the net will be able to verify if
a message from the node identified by a particular ID (i.e. public key) is spoofed or valid.
The method is computationally secure cause it implies no DH exchange or communication stuffs. You
simply publish your ID (i.e. public Key) on the net through your queries and you'll be the ONLY one able to use that ID to spread messages on the net. Spoofed message will be automatically rejected by other nodes, cause the spoofer will not be able to create a fake signature (unless he can perform a 1024 bit factorization... :P ) and the nodes will fail in verifying the signature.

Hope this will be useful also for MUTE devs...

If you would like to refer to this comment somewhere else in this project, copy and paste the following link:

Log in to post a comment.