[Babel-users] About an authentication extension
Rodrigo Garcia
strysg at riseup.net
Sun Sep 10 21:51:27 UTC 2017
I see, however the project has already been accepted so I will have to
do it anyway :(
Maybe I can think not to use random numbers but something to make it
more difficult that a false ciphertext be accepted by other nodes.
Thanks, I will use the references to point out the vulnerabilities.
On 10/09/17 at 13:13, Toke Høiland-Jørgensen wrote:
>> Yes, but a node does not have the private key, so it can't create *new*
>> encrypted tokens on its own.
>
> Not necessarily. In general, even if you don't know the private key,
> changing the ciphertext can still change the plaintext after decryption.
> Especially, since in your scheme an attacker only needs to change a
> single byte (holding the random number attached to a prefix) to get a
> new valid token for that prefix.
>
> For RSA in particular, don't encrypt things with the private key; see
> https://stackoverflow.com/questions/44261028/modification-of-rsa-encrypted-cipher-text
> and this answer linked from there:
> https://crypto.stackexchange.com/questions/15997/is-rsa-encryption-of-a-cryptographic-hash-with-a-private-key-the-same-as-signatu
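
Added example, not part of either message: the point in the quoted reply that raw "encryption with the private key" is not a signature, shown on a constructed toy RSA key. All names and numbers are assumptions; the hash is reduced mod N only because the toy modulus is tiny, and a real deployment would use a standard signature scheme such as RSASSA-PSS.

```python
import hashlib

# Constructed toy key (assumption, not from the thread): tiny primes so the
# arithmetic is visible. Real RSA moduli are 2048 bits or more.
P, Q, E = 61, 53, 17
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent (needs Python 3.8+)

def raw_token(m):
    """'Encrypt with the private key': m^D mod N, no hash, no padding."""
    return pow(m, D, N)

def raw_accepts(m, token):
    """Verifier for the raw scheme: the public operation must give back m."""
    return pow(token, E, N) == m % N

def digest(m):
    """SHA-256 of the value, reduced mod N only because the toy N is tiny."""
    h = hashlib.sha256(m.to_bytes(4, "big")).digest()
    return int.from_bytes(h, "big") % N

def hashed_token(m):
    """Hash-then-sign: the private operation is applied to the digest."""
    return pow(digest(m), D, N)

def hashed_accepts(m, token):
    return pow(token, E, N) == digest(m)

def count_accepted(issue, accepts, values=range(2, 30)):
    """Multiply two issued tokens mod N (no use of D for the combination)
    and count how often the verifier accepts the product for a * b."""
    total = accepted = 0
    for a in values:
        for b in values:
            combined = (issue(a) * issue(b)) % N
            total += 1
            accepted += accepts(a * b, combined)
    return accepted, total

if __name__ == "__main__":
    # Raw scheme: every combined token verifies, since (a^D)(b^D) = (ab)^D.
    print("raw:   ", count_accepted(raw_token, raw_accepts))
    # Hashed scheme: digest(a) * digest(b) is unrelated to digest(a * b).
    print("hashed:", count_accepted(hashed_token, hashed_accepts))
```

With the 12-bit toy modulus a hashed token can still match by chance about once in N tries; at real key sizes that chance is negligible.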