[Verse-dev] Crypto update
Emil Brink
emil at obsession.se
Mon Feb 14 17:03:20 CET 2005
On Mon, 14 Feb 2005 14:59:09 +0100
Gert Svensson <gert at pdc.kth.se> wrote:
> >I don't think hacking Verse servers is very high on evil people's
> >agendas today, so perhaps we can focus on getting the functionality in
> >there, and work to increase the security by improving the performance
> >later?
>
> Sounds like an excellent solution to me.
> Gert
Okay... So what do you say, Eskil? I'm not totally sure I can do this
myself, I don't know the guts of the connection-establishment algorithm
well enough, don't know which packets should be encrypted with which
key, and so on.
I don't even know why clients generate two keys, while the server only
does one.
You *really* should write down a description of the connection encryption
algorithm somewhere, showing which packets are sent where when, and how
they are encrypted. Please?
Also, I imagine that adding support for varying key lengths is a bit
problematic, from what I've seen key sizes are hardcoded throughout...
Regards,
/Emil
More information about the Verse-dev
mailing list