[sldev] Cryptographic signing of UDP packets

Argent Stonecutter secret.argent at gmail.com
Mon Dec 22 10:10:06 PST 2008


On 2008-12-17, at 10:03, Carlo Wood wrote:
> However, if each packet
> has to be seperately decryptable, then the redundacy will be enormous
> and it would be very easy (cost little cpu) to obtain the key from
> from a number of packets (which assumes an attacker can intercept
> them), even so much that it isn't worthwhile to change the key every
> once in a while.

One thing to keep in mind is that this is probably not attempting to  
counter a MITM attack, it's meant to counter a forged packet attack  
involving a situation where the attacker knows the IP address of the  
user and of the server they're using in SL.

> An other approach would be to assume that packets cannot
> be intercepted, only inserted.

Indeed.




More information about the SLDev mailing list