[kerry@vscape.com: Re: [p2p-hackers] P2P Authentication]
----- Forwarded message from Kerry Bonin <kerry@vscape.com> -----
From: Kerry Bonin <kerry@vscape.com> Date: Thu, 27 Oct 2005 06:52:57 -0700 To: zooko@zooko.com, "Peer-to-peer development." <p2p-hackers@zgp.org> Subject: Re: [p2p-hackers] P2P Authentication User-Agent: Mozilla Thunderbird 1.0.6 (Windows/20050716) Reply-To: "Peer-to-peer development." <p2p-hackers@zgp.org>
There are only two good ways to provide man-in-the-middle resistant authentication with key repudiation in a distributed system - using a completely trusted out of band channel to manage everything, or use a PKI. I've used PKI for >100k node systems, it works great if you keep it simple and integrate your CRL mechanism - in a distributed system the pieces are all already there! I think some people are put off by the size and complexity of the libraries involved, which doesn't have to be the case - I've got a complete RSA/DSA X.509 compliant cert based PKI (leveraging LibTomCrypt for crypto primitives) in about 2k lines of C++, <30k object code, works great (I'll open that source as LGPL when I deploy next year...) The only hard part about integrating into a p2p network is securing the CA's, and that's more of a network security problem than a p2p problem...
It's great to see this guy showing up yet another of the false dogmas of the crypto hacker community: "PKI can't work". According to this view, only old fogies and tight ass bureaucrats believe in certifying keys. All the cool kids know that the best key is a bare key. After all, MITM attacks never really happen, this was just an invented threat designed to force poor college kids into paying hundreds of dollars a year for a verisign certificate. But when we come into the P2P world things look very different. Where MITM would require special positioning in the old net, in a distributed P2P network, everyone's a MITM! Every key has passed through dozens of hands before you get to see it. What are the odds that nobody's fucked with it in all that time? You're going to put that thing in your mouth? I don't think so. Using certificates in a P2P network is like using a condom. It's just common sense. Practice safe cex! CP
At 9:27 PM -0700 10/27/05, cyphrpunk wrote:
Every key has passed through dozens of hands before you get to see it. What are the odds that nobody's fucked with it in all that time? You're going to put that thing in your mouth? I don't think so.
So, as Carl Ellison says, get it from the source. Self-signing is fine, in that case. "Certificates", CRLs, etc., become more and more meaningless as the network becomes more geodesic.
Using certificates in a P2P network is like using a condom. It's just common sense. Practice safe cex!
Feh. You sound like one of those newbs who used to leave the plastic wrap on his 3.5" floppy so he wouldn't get viruses... Cheers, RAH What part of "non-hierarchical" and "P2P" do you not understand? -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'
participants (3)
-
cyphrpunk -
Eugen Leitl -
R.A. Hettinga