Comments (2)
Problem
The above protocol is safe against MitM, but once both peers know which workspaces they have in common they will start syncing them in plaintext with each other. At that point a MitM will observe the actual workspace address (and actual data).
An example attack is: "Hey everyone, use my cool pub https://totally-safe-pub.com. It definitely is not just a proxy that forwards your requests to an actual pub in order to learn the names of your workspaces!! Look it's https, very safe"
Solution
Right now when our peers talk, in general, they don't authenticate or know the identity of each other.
I think we need to do a secure key exchange like secret-handshake which identifies the peers to each other.
This means each peer needs to have a keypair.
For regular peers: I think it's ok for secret-handshake to re-use the same author keypair across multiple devices?
For pubs: we'll have to generate keypairs for them, and... trust on first use, or add them into the pub URL?
BTW, I don't want to start treating pubs as part of the human social graph like SSB does. Earthstar doesn't even have a social graph actually!
from earthstar.
Other solutions
Once we have these two...
- #7 Invite Only Workspaces (limited people can write to a workspace)
- #11 or #49 Encrypted Documents (limited people can decrypt/read)
...it won't matter as much if random people learn your workspace address.
In the long run that's probably a better and safer approach -- encrypt the actual data instead of just encrypting the transport using secret-handshake.
Also, to clarify: in the proposed algorithm, a MitM can only learn of the workspaces the two peers have in common, not the ones that are unique to one side.
from earthstar.
Related Issues (20)
- Direct p2p online sync with WebRTC HOT 1
- Attachment sync not working on Deno runtime HOT 1
- Restricting the paths an applet can read and write to HOT 2
- What is this key for in `syncReplicaAndFsDir` ? HOT 1
- ReplicaDriverWeb not accessible from all environments HOT 4
- Upgrade SQLite3 dependency to 0.8.0
- Address private set intersection exploit HOT 2
- What is the rationale for the generateAuthorKeypair shortname only allowing lengths of 4 chars? HOT 1
- npm install error HOT 1
- Adding denoKV to doc drivers HOT 3
- ReplicaCache#onCacheUpdated not triggered until you call cache.queryDocs()? HOT 3
- Error compiling typescript file that imports earthstar npm package
- ExtensionKnownShares loading known shares from memory HOT 1
- Export a browser entrypoint with IndexedDB StorageDriver
- Port Discovery API + DiscoveryLan
- Add way to check if Auth has been set up yet
- Add way to check if given password is correct on Auth
- Auth should be an EventTarget and emit events
- Peer should be an EventTarget and emit events
- IdentityKeypair + ShareKeypair secretKey property should be Base32 encoded string
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from earthstar.