[p2p-hackers] BitWeav: open P2P micropublishing

Eugen Leitl eugen@leitl.org
Wed Sep 25 03:24:43 PDT 2013 

----- Forwarded message from Liam Edwards-Playne <liamzebedee@yahoo.com.au> -----

Date: Wed, 25 Sep 2013 12:13:48 +1000
From: Liam Edwards-Playne <liamzebedee@yahoo.com.au>
To: p2p-hackers@lists.zooko.com
Subject: Re: [p2p-hackers] BitWeav: open P2P micropublishing
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.0
Reply-To: theory and practice of decentralized computer networks <p2p-hackers@lists.zooko.com>

A good point about the SHA2-256 + RIPEMD-160 usage that I hadn't
considered. I'll change the design to use a single truncated SHA2-256
hash. As for length extension attacks, I don't believe I should be
concerned, should I? The transfer of messages within the network is
dependent on a defined protocol, so any extra bytes would just be
interpreted as a malformed message.

Out of interest, could you elaborate on the potential weaknesses in
the pairing?


As for a decentralised identity, it's an interesting problem, but I'll
be focusing on the micropublishing idea first. With my last project, I
delved into too many areas, trying to decentralise DNS, creating an
improved Kademlia DHT, providing a framework for P2P mutable
documents. Ultimately I built nothing (but learnt a lot).

Nonetheless I think technology develops too quickly to define any sort
of single specification for an online identity. The best we have are
public keys certified by webs of trust.

Le 25/09/13 08:16, Sean Lynch a écrit :
> I don't think Bitcoin's SHA2-256 + RIPEMD-160 usage is based on
> sound crypto. It's not terrible but it's also a little bit silly
> since a collision in SHA2-256 will be a collision in the pair,
> which means all you're doing is shortening the hash while avoiding
> the length extension attack. There are also potential weaknesses in
> the pair that may not exist in either one due to the fact that the
> pairing has not been well studied. You could accomplish the same
> end with less CPU and less code by using a truncated SHA-512 hash.
> 
> Otherwise, I tend to agree with your goals and approach, though I
> think it may be more impactful to simply bring the decentralized
> identity aspect of it to the web. The fact that I have no portable
> identity with which to comment on or post arbitrary content around
> the web is very annoying. At best, the current system could be
> described as federated, but even that's not entirely true since few
> sites actually support OpenID and fewer users know what their
> OpenID URL is.
> 
> 
> On Mon, Sep 23, 2013 at 9:48 PM, Liam Edwards-Playne
> <liamzebedee@yahoo.com.au <mailto:liamzebedee@yahoo.com.au>> wrote:
> 
>     I've been working on a new open micropublishing network that's
>     entirely peer-to-peer, relying on a publish-subscribe overlay to
>     facilitate scalable distribution of messages on hashtags, profiles
>     and threads.
> 
>     You can peruse its design in this document:
>     http://bitweav.org/whitepaper.pdf
> 
>     Its main features:
>      - first of its kind to support publish/subscribe to topics
>     (profiles, hashtags, threads)
>      - doesn't use rendez-vous nodes for topics (meaning only nodes
>     who are subscribed to a topic will help distribute messages on it)
>      - message threading and replies. multilingual support.
>      - more scalable approach to message dissemination using rings,
>     rather than gossip-based flooding (see ch. 7 of whitepaper)
> 
>     I'd appreciate any constructive criticism / discussion and if
>     anyone would like to help I would greatly appreciate it. I'm
>     currently developing the frontend graphical client, afterwhich I
>     will progress to implementing the backend daemon.
> 
>     Cheers,
>     Liam Edwards-Playne.
>     _______________________________________________
>     p2p-hackers mailing list
>     p2p-hackers@lists.zooko.com <mailto:p2p-hackers@lists.zooko.com>
>     http://lists.zooko.com/mailman/listinfo/p2p-hackers
> 
> 
> 
> 
> _______________________________________________
> p2p-hackers mailing list
> p2p-hackers@lists.zooko.com
> http://lists.zooko.com/mailman/listinfo/p2p-hackers


_______________________________________________
p2p-hackers mailing list
p2p-hackers@lists.zooko.com
http://lists.zooko.com/mailman/listinfo/p2p-hackers


----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://ativel.com http://postbiota.org
AC894EC5: 38A5 5F46 A4FF 59B8 336B  47EE F46E 3489 AC89 4EC5
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://cpunks.org/pipermail/cypherpunks/attachments/20130925/ad04b1c2/attachment.sig>

More information about the cypherpunks mailing list