Dev:Secure-hashs

Aus YaCyWiki
Wechseln zu: Navigation, Suche

Secure-Hashs

Purpose

  • Protect Hashs from spoofing
  • provide a reliable Peer-Authentification
  • provide optinal encryption of the YaCy-Protocol

Implementation

General

Fingerprint as Hash The Fingerprint needs to be a hash, because we cannot sign another hash, without the possibility of collision attacks. (two peers have signed the same hash, which one is the right? A Fingerprint is secure, because you need to crack the key, to use the fingerprint as Hash.

The problem with this is, that this would need large DHT-Transfers, because of the hashchange. So we should consider using two hashs, one for DHT (the same as currently), and the secure one as identifikation (YaCy-Domains, Messages, Blacklists, ...)

Crypto

  • public-/private-key crypto
  • public key available via /yacy/key.html
  • authentification via cryptochallange
  • DB for publickeys
  • Java Independent Keyformat

cryptochallange

  • sign a provided random string
  • send back a decrypted string, which was crypted with the public key matching the hash(fingerprint)

Format

  • https certificate?
  • pure RSA?
  • GPG?

Links

Forumthread