search

jbenet / random-ideas

random ideas
juan.benet.ai
324 stars 12 forks source link

Packet Chains: Content-Addressing Against Replay Attacks #7

Open jbenet opened 10 years ago

jbenet commented 10 years ago

use a block-chain like structure in protocols to protect against replay attacks.

jbenet commented 9 years ago

This would actually be useful for causally ordering all communications too. the merkledag of all events. would need to make sure all input sources are "causality-sanitized" (i.e. wrapped in a message that brings them into the history so they compose correctly). would also need to ensure all messages are available forever (or at least its links), which is a pretty nasty requirement for all messages. probably worth revisiting the causality lit though.

@davidad you were probably thinking along these lines?

davidad commented 9 years ago

Yes, along these lines. With reference to my last blog post, a mechanism like this would be in the Transaction layer of Mesh. It wouldn't order every event ever into one dag, but would order all events relating to a particular "repository" (or whatever the isomorphic abstraction ends up being called). Further, authenticated and encrypted messages could be sent at lower layers of the stack without involving any repositories, thus avoiding the nasty requirement "for all messages".

jbenet commented 9 years ago

order all events relating to a particular "repository" (or whatever the isomorphic abstraction ends up being called).

how about a "history"? the language relating to "histories" and event sequences lends itself well. version control already calls it that. and it's independent of the physical location of things, which the word "repository" currently implies.

Further, authenticated and encrypted messages could be sent at lower layers of the stack without involving any repositories

Sometimes it's critical that authentication or encryption happen "inside the message". "I sent you precisely this signed message" is a really important property include in the history. Agree it should be optional -- there's a need for both "authenticated or encrypted communication channel for the protocol" (lower layer) and "authenticated or encrypted communication delivered" (higher layer). (you already thought about all of this, just syncing our thoughts)