Skip to content
This repository has been archived by the owner on Aug 2, 2021. It is now read-only.

add sealing/unsealing for trojan messages #2160

Open
mortelli opened this issue Apr 16, 2020 · 0 comments
Open

add sealing/unsealing for trojan messages #2160

mortelli opened this issue Apr 16, 2020 · 0 comments
Assignees
@mortelli
Labels
encryption global pinning experimental implementation of global pinning

Comments

@mortelli
Copy link
Contributor

mortelli commented Apr 16, 2020
edited
Loading

Trojan messages should use asymmetric encryption as described in the Book of Swarm:

The recipient only knows that a chunk is a pss message if and when they successfully opened the Trojan message with the private key corresponding to the public key that they advertise as their resident key, and do an integrity check/topic matching. Nodes that want to receive such Trojan Messages will keep trying to open all messages that they are closest to. Forwarding nodes (or anyone else apart from sender and recipient) have no way to distinguish between a random encrypted chunk and a trojan message, which means that communication is perfectly obfuscated as generic chunk traffic.

After the recipient has opened the envelope using asymmetric decryption, there is a combined step of integrity check and topic matching. Knowing the length of the payload (from the first 2 bytes of the message), the recipient takes the payload slice and calculates the Keccak256hash of it. Now for each topic the client has a subscription to, it then hashes the payload hash together with the topic. If the resulting segment xor-ed with the topic matches the obfuscated topic id in the message then the message is indeed meant as a message with the said topic and the registered handler is called with the payload as argument.

The specs are as follows:

The message is encoded in a way that allows integrity checking and at the same time obfuscates the topic. The operation to package the payload with a topic is called sealing

// pss

define function seal @payload []byte
    with topic
as
    @seal = hash @payload and @topic  // obfuscate topic
        xor @topic
    return message{ @seal, @payload }

define function unseal message
    with topic
as
    @seal = hash @message payload and @topic
    if @topic == @seal xor @message seal then // check
        return @payload
    return nil

Original issue

(stemming from unresolved thread in #2158)

look into implementing @zelig's suggestion:

an integrity check plus extra obfuscation of the topic can be done if the topic is encrypted with a key that is

key := Hash(topic, payload)

now the integrity check would be:

for topic, handler := range handlers {
    if xor(hash(topic, m.payload),topic) == m.topic {
        go handler(m)
        break
    }
}

see thread here
@mortelli mortelli added the global pinning experimental implementation of global pinning label Apr 16, 2020
@mortelli mortelli self-assigned this Apr 16, 2020
@mortelli mortelli mentioned this issue Apr 16, 2020
Merged
1 task
@mortelli mortelli changed the title integrity check + obfuscation for trojan messages integrity check + obfuscation for trojan message topics Apr 16, 2020
@mortelli mortelli changed the title integrity check + obfuscation for trojan message topics add encryption in trojan messages Apr 24, 2020
@mortelli mortelli changed the title add encryption in trojan messages add sealing/unsealing for trojan messages Jun 29, 2020
@mortelli mortelli mentioned this issue Jul 13, 2020
Merged
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@mortelli mortelli

Labels
encryption global pinning experimental implementation of global pinning
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@mortelli