[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

CADET protocol: Anna or Betty?

From: carlo von lynX
Subject: CADET protocol: Anna or Betty?
Date: Fri, 3 Jan 2020 13:35:42 +0100
User-agent: Mutt/1.5.20 (2009-06-14)

Why Anna? Because Alice sounds too much like it's about crypto!

Greetings from the secushare workshop. We're discussing the
implications of the protocol design bug regarding that Alice
(Anna) or Betty logic by which if the channel breaks and
Betty wants to re-open it, then she can't actually do anything
because Anna is supposed to start the handshake whereas Anna
thinks the channel is still up and running and thus doesn't
do anything.

We're thinking of introducing an extra message from Betty to
Anna which tells Anna that Betty would like to be entertained
and transmits Betty's new channel id. Anna will the either 
realize she has an old channel id, thus needs to take action,
or she has *no* channel id, then she probably started negotiation
at the same time and should act no further (racing condition)
or she already has that channel id, then also she does nothing.

Does that sound reasonable? Where do we have documentation
explaining why we have this decision-making logic in the first
place rather than letting the initiating of the two start the
handshake? I don't think Tor has anything like that, also TCP
and TLS don't have it.

Back in the days of PSYC1 I designed it in such a way that if
both nodes decide to talk to each other at the same time, they
will interpret each others' initations as the respective 
responses, resulting in faster link creation.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]