How Does Node Identity Work?

[glowkeeper]

I'm trying to understand how identities work in IPFS. This question is related to https://github.com/ipfs/faq/issues/236

Anyway; I run this to initialise an IPFs repository:

ipfs init
initializing ipfs node at /Users/auser/.ipfs
generating 2048-bit RSA keypair...done
peer identity: Qmcpo2iLBikrdf1d6QU6vXuNb6P7hwrbNPW9kLAH8eG67z

The IPFS architecture specs (https://github.com/ipfs/specs/tree/master/architecture), state this:

The IPFS network uses PKI-based identity. An "ipfs node" is a program that can find, publish, and replicate merkledag objects. Its identity is defined by a private key. Specifically:

privateKey, publicKey := keygen()
nodeID := multihash(publicKey)

So is this 'PKI-based identity' a self-signed certificate using the RSA keypair? How is that 2048-bit RSA keypair generated? Is there some default/automated passphrase or some such used? Forgive me if it's obvious, but I'd really appreciate a thorough explanation.

[hsanjuan]

IPFS generates a regular RSA key pair.

The Peer ID is the hash of the public key. When peers connect to each other they exchange public keys. The communications are encrypted using those keys. You can check that the peer ID matches the hash of the public key provided by a peer to ensure you are talking to the right person.

IPFS stores the [private] RSA key in the configuration. No passphrase. There is no self-signed certificate involved in the whole process.

[glowkeeper]

@hsanjuan thanks! Where is that [private] RSA key stored?

[glowkeeper]

And how does the RSA key generation work, exactly? Does it just pick a modulus and exponent at random?

[hsanjuan]

@glowkeeper stored in ~/.ipfs/config by default.

It uses https://golang.org/pkg/crypto/rsa/#GenerateKey with a random source seeded with current time nanoseconds. (https://godoc.org/github.com/libp2p/go-libp2p-crypto)

[Kubuxu]

with a random source seeded with current time nanoseconds.

That is not true, it uses Golang's crypto/rand module that uses entropy sources provided by system.

[hsanjuan]

@Kubuxu thanks, I should have checked before speaking

[glowkeeper]

@hsanjuan, earlier you said: "You can check that the peer ID matches the hash of the public key provided by a peer to ensure you are talking to the right person." That checking is where I'd imagine a signature or some such like would come into play, but there is no signature. So how does that process work?

Forgive me for blathering on. And feel free to tell me: "go look for yourself!" and point me in the direction of the source ;)

[hsanjuan]

@glowkeeper you don't need a signature because your name (peer ID) is the hash of your public key. If a node tried to use someone else identify it would not be able to provide a public key which had the same hash as the original to match the ID that it is trying to use. (I mean, it would be able to provide the original public key from the true peer, but it would not have the private key so it couldn't decode any of the data sent to it).

Other than that there is no trust-schemes or authorities like say, with web certificates.

[flyingzumwalt]

This issue was moved to https://discuss.ipfs.io/t/how-does-node-identity-work/317