Changes between Initial Version and Version 1 of Ticket #1426, comment 2


Ignore:
Timestamp:
2011-07-10T14:26:27Z (13 years ago)
Author:
zooko
Comment:

Legend:

Unmodified
Added
Removed
Modified
  • Ticket #1426, comment 2

    initial v1  
    11Hm, it is worth adding protection against replay attack? This attack would be a denial of service in which the attacker stores an old {{{writecap.key.sign([tag, new-write-enabler, storage-index, serverid])}}} and every time you try to set a ''new'' new write-enabler the attacker replays this old new write-enabler to reset it.
    22
    3 One good defense would be to include the one-way hash of the old write-enabler in the message. As davidsarah mentioned in comment:1, it might be convenient anyway for the server to send this one-way hash of the current write-enabler to the client anyway, in order to inform the client about whether they need to rekey.
     3One good defense would be to include the one-way hash of the previous write-enabler in the message. As davidsarah mentioned in comment:1, it might be convenient anyway for the server to send this one-way hash of the current write-enabler to the client anyway, in order to inform the client about whether they need to rekey.