From: Ximin Luo <ximin@dfinity.org>
To: "Jason A. Donenfeld" <Jason@zx2c4.com>
Cc: WireGuard mailing list <wireguard@lists.zx2c4.com>
Subject: Re: Using WG for transport security in a p2p network
Date: Fri, 20 Apr 2018 17:20:39 +0200 [thread overview]
Message-ID: <CADX+UFjjqvemqD38xvpa3GAFBWm2=39sb7dfBnvuAaQkzqwdRQ@mail.gmail.com> (raw)
In-Reply-To: <CAHmME9racrutSPmM_Oy6eHAx3B=ah1=xzchzb_msZ5F9Zf-rGA@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 1768 bytes --]
(reposting to the list, I'll learn one of these days..)
On Fri, Apr 6, 2018 at 7:59 PM, Jason A. Donenfeld <Jason@zx2c4.com> wrote:
> [..]
>
> Let me know if you have any more questions or ways in which I can help
> you guys out with the p2p protocol.
>
>
Hey, thanks for the reply. Another issue came up while I've been looking
into this:
At present, one has to manually add specific peers in order for WG to
authenticate them. I was wondering what the options are for dynamic
authentication, of peer keys that one doesn't know beforehand. The typical
example would be a PAKE but for us it would be an alternative
zero-knowledge proof that the initiator's key belongs to some allowed-set
of peers wrt the responder's key, as defined by the rest of the protocol
(I'm being vague because the details are TBD, actually).
It would be nice to keep WG's current property of being able to
authenticate a client on the first packet without requiring further
communication. To reduce the DoS-potential of having to verify a complex zk
proof, we can probably also include a proof-of-work linked to a recent
global shared source of randomness (we have that in our protocol). So one
way would be for WG to hook into a custom function that reads a custom
certificate from the first incoming packet and say whether it passes the
test.
Alternatively we can listen on another socket, perform the custom check on
incoming packets here, and then forward passing packets with our custom
portion stripped out onto the local WG socket. Hopefully this would "just
work" if the "from" address on the UDP packet is correct. However,
initiating these would be tricky, we'd have to intercept the WG initial
outgoing packet and rewrite it.
Other suggestions would be much appreciated.
X
[-- Attachment #2: Type: text/html, Size: 2477 bytes --]
next prev parent reply other threads:[~2018-04-20 15:20 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-05 3:22 Ximin Luo
2018-04-05 7:13 ` Matthias Urlichs
2018-04-05 16:06 ` Tim Sedlmeyer
2018-04-05 19:00 ` Ximin Luo
2018-04-05 18:07 ` Ximin Luo
2018-04-05 19:49 ` Matthias Urlichs
2018-04-14 16:01 ` Bruno Wolff III
2018-04-14 18:33 ` Matthias Urlichs
2018-04-05 15:32 ` Kalin KOZHUHAROV
2018-04-05 18:17 ` Ximin Luo
2018-04-06 17:59 ` Jason A. Donenfeld
2018-04-20 15:20 ` Ximin Luo [this message]
2018-04-20 15:44 ` Ximin Luo
2018-04-20 19:27 ` Jason A. Donenfeld
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CADX+UFjjqvemqD38xvpa3GAFBWm2=39sb7dfBnvuAaQkzqwdRQ@mail.gmail.com' \
--to=ximin@dfinity.org \
--cc=Jason@zx2c4.com \
--cc=wireguard@lists.zx2c4.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).