[rc5] Suggestion for protocol

Fedor Kouranov ted99 at ibm.net
Sun Jun 22 18:12:56 EDT 1997


On 06/22/97 Honza Pazdziora <adelton at informatics.muni.cz> said:

>The block that the client gets from the keymaster would be divided into
>1024 subblocks. Each would be encrpted and cumulative checksum would be
>taken. The result would be 1024 bytes (or any other number), one byte per
>one subblocks. The keymaster would have to choose number between 0 and
>1023 randomly and compute the subblock and it's checksum. If it is OK, it
>believes that also the rest of the block has actualy been processed and
>accepts the block.

Totally infeasible. This would mean doubling the number of cycles per key
just for the sake of paranoia. And still it can be easily faked.

Let's look at our fears. There are two types of attack I can imagine. 1)
Not telling the proxy about the 'winning' blocks. 2) Claiming the unchecked
blocks to be checked. Is there anything more people can do (leave alone
DoS)? And let's ignore the reasons for such attacks.

The first attack can be easily fought back by two ways. On the programming
side, it's sending in 'surprise' blocks which happpen to contain a
solution. This way we can determine the fake clients. On the other hand, a
smart hacker will be able to tell 'the' solution from 'a' solution by some
very simple heuristic analysis.

On the legal side, the clients should be copyrighted with this statement:
by running the client the user agrees that if his/her computer finds the
winning key, $8000 from the prize will be donated to PG and $1000 to the
programming team... And yeah, no altering of clients, clients are used with
the Bovine effort only, the copyright is kept intact etc. There is no other
way to stop people from hacking the code.

The second attack is harder to spot. 'Surprise' solutions are a good way of
defense (because they will not bother actually checking them), but if
someone decides to harm us really bad, it still won't help... There are two
types of people that can attempt to hurt us. 1) Those who are not good at
programing. Easy. 2) Profound types. They will simply decompile the code (I
heard about such tools) or make their changes right in the assembly...
there is NO way to stop them. Concealing the code is expected to prevent us
from getting in trouble with the people who know C, but not assembly. Is
this the most common type of a bad hacker?

Is the v2 protocol not vulnerable to reverse engineering?

Comments appreciated.


 /** Christ Is Risen ! *** __+__ ******  Fedor "Ted" Kouranov  *****/
 /* Xristos Voskrese ! **   \|    ** ted99 at ibm.net * fedor at bu.edu **/
 /** Xristos Anesti ! ****   |\  ** http://enz.siobc.ras.ru/~fedor */

----
To unsubscribe, send email to majordomo at llamas.net with 'unsubscribe rc5' in the body.



More information about the rc5 mailing list