monotone-devel

Re: [Monotone-devel] netsync transport encryption?


From: Richard Levitte - VMS Whacker
Subject: Re: [Monotone-devel] netsync transport encryption?
Date: Wed, 25 Oct 2006 14:28:48 +0200 (CEST)

In message <address@hidden> on Wed, 25 Oct 2006 08:11:02 -0400, Cem Karan 
<address@hidden> said:

ckaran> Here is my suggestion for what to do:
ckaran> 
ckaran> 1) The initiating side generates a random session key,
ckaran>    encrypts it with the receiving side's public key, and sends
ckaran>    it on to the receiving side.
ckaran> 2) The receiving side does exactly the same thing back.  This
ckaran>    solves the really weird race condition where both sides
ckaran>    want to initiate communications at the same time.

Do we have the race condition problem?  SSH and SSL work by having a
common session key for both directions of the communication, but your
idea should work.

ckaran> 3) [...] I'm suggesting compression because of what Bruce
ckaran>    Schneier says about how it makes cryptanalysis harder, and
ckaran>    makes encryption/decryption faster.  If Monotone already
ckaran>    does a good job of compressing its data, then this isn't as
ckaran>    necessary (this would require testing to see what works
ckaran>    faster/better).

Monotone already compresses most of the payload.  Cryptanalysis is
otherwise commonly made harder with CBC mode or similar (there are
more complex modes).

Cheers,
Richard

-----
Please consider sponsoring my work on free software.
See http://www.free.lp.se/sponsoring.html for details.

-- 
Richard Levitte                         address@hidden
                                        http://richard.levitte.org/

"When I became a man I put away childish things, including
 the fear of childishness and the desire to be very grown up."
                                                -- C.S. Lewis
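
An added example, not part of the original message and not Monotone's code: a measurement of what a transport-level compression pass gains on payload the application has already compressed, the case raised in the reply above. zlib as the compressor, the function names and the constructed sample data are all assumptions made for illustration.

```python
import random
import zlib

# Constructed vocabulary for the sample payload (not real Monotone data).
WORDS = ("revision manifest delta cert key branch netsync merge file "
         "roster epoch packet hash author date changelog").split()

def sample_text(n_words=20000, seed=1):
    """Constructed stand-in for versioned file data."""
    rng = random.Random(seed)
    return " ".join(rng.choice(WORDS) for _ in range(n_words)).encode()

def transport_pass(payload, level=6):
    """Size before and after a transport-level deflate pass, and the ratio."""
    wire = zlib.compress(payload, level)
    return len(payload), len(wire), len(wire) / len(payload)

def measure():
    text = sample_text()
    return {
        # Case described in the reply: the application compressed it already.
        "already compressed": transport_pass(zlib.compress(text, 9)),
        # For contrast: the same data handed to the transport uncompressed.
        "uncompressed": transport_pass(text),
    }

if __name__ == "__main__":
    for name, (before, after, ratio) in measure().items():
        print(f"{name:20} {before:7d} -> {after:7d} bytes (ratio {ratio:.3f})")
```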



