From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: <46016185506c42950346d712e2f1d96f@plan9.bell-labs.com> From: David Presotto To: 9fans@cse.psu.edu Subject: Re: [9fans] ISP filtering - update In-Reply-To: <063c01c38427$b3339900$b9844051@insultant.net> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="upas-luntwmqgncifkbnjzelxphcenb" Date: Fri, 26 Sep 2003 08:49:54 -0400 Topicbox-Message-UUID: 4f760556-eacc-11e9-9e20-41e7f4b1d025 This is a multi-part message in MIME format. --upas-luntwmqgncifkbnjzelxphcenb Content-Disposition: inline Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit -> random1 <- random2, hmac(random1, shared key) -> hmac(random2, shared key) This is incredibly weak authenitcation (susceptible to main in the middle) but works if all you're trying to do is keep out spammers who ar just injecting messages from their home machines. They can't authenticate without knowing the shared key. The problem is always how many shared keys are there. You could have one per pair of communicating individuals but then you need an introduction protocol. You could have a trusted third party to automate that introduction and you've essentially got plan 9's authentication protocol (we mix with DES rather than a keyed hash but its pretty much the same). Public keys have the advantage that the amount of cruft kept secret is small, i.e., your own private key part and nothing else. You don't need cert's per se. Just a place to get public keys that you trust. That could be a place that just has to be kept secure, not secret. --upas-luntwmqgncifkbnjzelxphcenb Content-Type: message/rfc822 Content-Disposition: inline Received: from plan9.cs.bell-labs.com ([135.104.9.2]) by plan9; Fri Sep 26 08:28:47 EDT 2003 Received: from mail.cse.psu.edu ([130.203.4.6]) by plan9; Fri Sep 26 08:28:45 EDT 2003 Received: by mail.cse.psu.edu (CSE Mail Server, from userid 60001) id BC38E19DC9; Fri, 26 Sep 2003 08:28:20 -0400 (EDT) Received: from psuvax1.cse.psu.edu (psuvax1.cse.psu.edu [130.203.20.6]) by mail.cse.psu.edu (CSE Mail Server) with ESMTP id 59FFD199B6; Fri, 26 Sep 2003 08:28:17 -0400 (EDT) X-Original-To: 9fans@cse.psu.edu Delivered-To: 9fans@cse.psu.edu Received: by mail.cse.psu.edu (CSE Mail Server, from userid 60001) id BD9FE19B68; Fri, 26 Sep 2003 08:27:27 -0400 (EDT) Received: from ams006.ftl.affinity.com (lvs00-fl-n06.valueweb.net [216.219.253.152]) by mail.cse.psu.edu (CSE Mail Server) with ESMTP id D8A3D199B6 for <9fans@cse.psu.edu>; Fri, 26 Sep 2003 08:27:26 -0400 (EDT) Received: from coma ([81.64.132.185]) by ams.ftl.affinity.com with SMTP id <8599691-7503>; Fri, 26 Sep 2003 08:26:34 -0400 Message-ID: <063c01c38427$b3339900$b9844051@insultant.net> From: "boyd, rounin" To: <9fans@cse.psu.edu> References: <7f3c75ef821ce85dba22942ef0ea545e@plan9.bell-labs.com> Subject: Re: [9fans] ISP filtering - update MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Sender: 9fans-admin@cse.psu.edu Errors-To: 9fans-admin@cse.psu.edu X-BeenThere: 9fans@cse.psu.edu X-Mailman-Version: 2.0.11 Precedence: bulk Reply-To: 9fans@cse.psu.edu List-Id: Fans of the OS Plan 9 from Bell Labs <9fans.cse.psu.edu> List-Archive: Date: Fri, 26 Sep 2003 14:14:13 +0200 X-Spam-Status: No, hits=-1.0 required=5.0 tests=QUOTED_EMAIL_TEXT,REFERENCES version=2.55 X-Spam-Level: X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp) > SMTP mostly comes from providers (ISP's) and not your friends (unless > your friends happen to own ISP's). yup, i'm thinking about a clever auth method based on a cryptographic hash: - 'public key' is some random string - shared secret is a shared string - cat the two and hash them i need to think about this more. i don't care about encryption. i want authentication [ZKP]. reading _network security_ i see the example is based on transforms on large graphs. the public key is a list of large [500 node] graphs while the private key is the transform between randomly chosen graphs and an isomorphic graph. as the doc says 'this is impracticle'. then i started to think about graphs. now, what is the web? this is all probably flawed, but i haven't given up yet. buddy, can you spare a neuron? --upas-luntwmqgncifkbnjzelxphcenb--