[Cryptography] Implementing full Internet IPv6 end-to-end encryption based on Cryptographically Generated Address
Caleb James DeLisle
cjd at cjdns.fr
Fri Jan 25 08:07:39 EST 2019
Hm interesting conversation, just joined the list.
> CGA is used to implement Secure Neighbor Discovery, which resolves
> [...]
> prefix, the middle 3 bits of computational difficulty, and the last 59 bits
Can we please avoid using the word "secure" for things with 59 bits of security ?
If we use "secure" for this then we won't have a word for networks which are safe
enough for logging into your bank. Generally in the crypto community, less than
128 bits is labeled as "insecure".
> As before, CJDNS had more appropriate options and didn't use them.
RFC-3972 was evaluated at that time but 59 bits of security was not considered at
all appropriate.
One thing that's important to note about cjdns is that it requires Alice to learn
Bob's pubkey and protocol version number before sending the first message to him.
This is important because if you wanted to use the fc space for your project, you
could do that and announce your pubkey to the cjdns nodes and then cjdns nodes
would be able to know to switch to your protocol whenever they want to talk to one
of your nodes. This affords you at least 120 bits of security, if you search for a
key beginning with fc as cjdns does, then it's 128 bits for a specific collision
but with 120 bits for a birthday.
Thanks,
Caleb
On 25/01/19 13:31, grarpamp wrote:
>> You're exaggerating the issue.
>
> Oops memory fail as to one bit... today CJDNS really
> only conflicts with RFC, not yet colliding with users
> in typical environments, as they are unlikely to have
> gone against RFC to use the same space.
> More space summary later. Sorry, thanks.
>
More information about the cryptography
mailing list