Re: 128bit RSA public key - time to break?
From: Peter Fairbrother (zenadsl6186@zen.co.uk)
Date: 02/24/03
Date: Mon, 24 Feb 2003 01:49:02 +0000 From: Peter Fairbrother <zenadsl6186@zen.co.uk>
shane wrote
> In a P2P environment, currently each client generates a random 128bit
> number upon installation and uses that as its ID every session.
So it's just an identifier, and the data is sent unencrypted?
> Other clients that encounter this client keep a record of how much
> they have downloaded from this client and give it priority to upload
> to them if they encounter them again. Problem is, people just take the
> IDs of people that have uploaded a lot and use that to get preference
> over others.
>
> I was considering using this 128 bit number as a public key, so that
> file requests would need to be signed. (Note that various challenge
> request models are vulnerable to a man in the middle attack, and
> diffie-hellman would probably be too much overhead). I was also
> thinking about introducing some kind of micro-payment type scheme, but
> the details aren't clear.
128-bit ECC should be okay for identification, as the value of the
identification isn't that great. Is anyone going to bother spending
machine-years cracking a key just to get priority downloading files? It
shouldn't be too hard to implement, while retaining backwards compatibility.
You might give extra priority to those who use sig's, in order to get people
to use them.
Perhaps not ECC for a micro-payment system tho', depends on the value of the
payments. Is the system open to the public?
There's a lot of legal and investigative pressure on P2P networks, after
DMCA and its equivalents outside the US. If you are sending legit data
unencrypted that doesn't matter too much.
Longer-term you might want encryption of the data in transit, better
identification and data integrity, and forward secrecy (by using ephemeral
keys). Is it worthwhile to build a system that doesn't do that? Modern boxes
can handle the crypto easily.
> It's still vulnerable to a man in the middle attack, and possibly
> replay attacks, but only by people that want to request the same
> file...
>
> But having read some of these comments, and read a couple papers on
> P2P reputation systems, I realise there's a little more to it :P
There is! :)
But there are some free open systems already, and it's an area of active
development. Might not one of those be better? Certainly easier.
-- Peter Fairbrother
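
An added example, not part of the original post or of any client discussed in the thread: signed file requests in which a copied ID no longer earns priority and a captured request cannot be replayed. Assumptions: Ed25519 stands in for the 128-bit ECC suggested above (Go's standard library has no curve that small), the 128-bit ID is taken to be a truncated SHA-256 of the public key, and all function names are hypothetical.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// IDFromKey derives the 128-bit peer ID from the public key (assumed design).
func IDFromKey(pub ed25519.PublicKey) (id [16]byte) {
	sum := sha256.Sum256(pub)
	copy(id[:], sum[:16])
	return id
}

// signedBytes binds a signature to one uploader challenge and one file name.
func signedBytes(nonce []byte, file string) []byte {
	return append(append([]byte("file-request-v1:"), nonce...), file...)
}

// SignRequest is the downloader's side: sign the uploader's nonce plus the file.
func SignRequest(priv ed25519.PrivateKey, nonce []byte, file string) []byte {
	return ed25519.Sign(priv, signedBytes(nonce, file))
}

// Verify is the uploader's side; pending holds its issued, still-unused nonces.
func Verify(pending map[string]bool, id [16]byte, pub ed25519.PublicKey, file string, nonce, sig []byte) error {
	if !pending[string(nonce)] {
		return errors.New("nonce unknown or already used")
	}
	delete(pending, string(nonce)) // single use: a captured request cannot be replayed
	if len(pub) != ed25519.PublicKeySize || IDFromKey(pub) != id {
		return errors.New("public key does not match claimed ID")
	}
	if !ed25519.Verify(pub, signedBytes(nonce, file), sig) {
		return errors.New("bad signature")
	}
	return nil
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	nonce := []byte("constructed-16B!") // constructed; an uploader draws this from crypto/rand
	pending := map[string]bool{string(nonce): true}
	sig := SignRequest(priv, nonce, "example.bin")
	fmt.Println("first use:", Verify(pending, IDFromKey(pub), pub, "example.bin", nonce, sig))
	fmt.Println("replay:   ", Verify(pending, IDFromKey(pub), pub, "example.bin", nonce, sig))
}
```

This does not address the live man-in-the-middle relay mentioned in the quoted text; it only ties priority to possession of the private key and makes each request single-use.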