Dev:Secure-hashs
Aus YaCyWiki
Inhaltsverzeichnis
Secure-Hashs
Purpose
- Protect Hashs from spoofing
- provide a reliable Peer-Authentification
- provide optinal encryption of the YaCy-Protocol
Implementation
General
Fingerprint as Hash The Fingerprint needs to be a hash, because we cannot sign another hash, without the possibility of collision attacks. (two peers have signed the same hash, which one is the right? A Fingerprint is secure, because you need to crack the key, to use the fingerprint as Hash.
The problem with this is, that this would need large DHT-Transfers, because of the hashchange. So we should consider using two hashs, one for DHT (the same as currently), and the secure one as identifikation (YaCy-Domains, Messages, Blacklists, ...)
Crypto
- public-/private-key crypto
- public key available via /yacy/key.html
- authentification via cryptochallange
- DB for publickeys
- Java Independent Keyformat
cryptochallange
- sign a provided random string
- send back a decrypted string, which was crypted with the public key matching the hash(fingerprint)
Format
- https certificate?
- pure RSA?
- GPG?