Use signing keys on cipher text

ryco117 / distort-server

A reference-implementation homeserver for the research anonymity protocol, DistoRt, with broadcasting over IPFS

https://ryco117.github.io/distort-server/

GNU General Public License v3.0

3 stars 1 forks source link

Use signing keys on cipher text #1

Closed ryco117 closed 5 years ago

ryco117 commented 5 years ago

IPFS routing will already sign all broadcast messages with it's IPFS peer-ID. However, since the account-name field is used to allow multiple different accounts to share an IPFS node, it makes sense to also sign the cipher text using the cert.key.sign keys. Furthermore, cipher text should be verified using the signature included in the message JSON.

ryco117 commented 5 years ago

May not be necessary since IPFS nodes already sign all published messages, and will soon reject unverified messages by default. It won't be necessary to implement a signature scheme overtop, since IPFS will allow us to verify any message was sent by the IPFS node that's claimed to have authored it.

ryco117 commented 5 years ago

Ended up implemented in case there are instances where a public IPFS node distributes keys for private clients, thus requiring verification beyond trusting the IPFS signature.