[rc5] Counter-spoofing

Evan Vetere vetere at avara.com
Fri Jun 20 08:32:25 EDT 1997

> I guess the encrypted message is not fixed in the client but is sent each
> time as well

Of course it's not fixed in the client! Think about the implications of this.
1) Bovine and Duncan have been lying to us all along; they do really know the hidden message
2) A hacker could find the message by decompiling the sourc
3) All the coders know the source as well; they've read the code. 

This is obviously not the case.

The distributed.net computer sends the proxies keys, the proxies distribute to the clients; the clients check to see if they're the correct answer and send them forth to the distributed.net server with a flag "I might be it!" if the client's own built-in solution recognition code sees something indicative of a solution. The client's code for this is very loose, and it often rings for a possible answer; probably more than once a week.

If there isnt a possible answer found in the key, we continue on. The server at dist.net logs the key as checked and false. 

Someone correct me if Im wrong anywhere (yes, I know this is an oversimplification).

-Evan Vetere
vetere at ethereal.net

To unsubscribe, send email to majordomo at llamas.net with 'unsubscribe rc5' in the body.

More information about the rc5 mailing list