1/25/2024 0 Comments Crossover hondayour identity), and optionally the friend’s signatures Your Retroshare certificate contain the following information: Retroshare is currently not using the full potential of the web of trust mechanism, and we would like to develop it further in the future. A new identity being signed by some of your friends should be understood as being approved by your friends, and should garner a higher level of confidence with you. This is permitted by Retroshare in order to provide a Web-of-Trust mechanism to the network. Signing your friend’s PGP key is not mandatory for connecting (Don’t mix that up with signing SSL certificates, which *is* mandatory). hand-to-hand), SSL connections cannot be spied on using a so called man-in-the-middle attack. If PGP keys (and therefore Retroshare certificates) are exchanged safely (e.g. In this callback, Retroshare verifies the PGP signature of the SSL certificate, using the PGP public key of the friend. When connecting to a friend, the SSL handshake protocol allows a callback that is used to validate the certificate sent by the connecting peer. it must be RSA for encryption and signing.It however requires the following characteristics in the key: 4096 bits keys instead of 2048 bits), and also offers users to create a new PGP keypair if they haven’t got one. Retroshare accepts existing PGP keys for creating identities (e.g. Optionally signing the keys of your friends.Signing your location’s SSL certificate (See connecting to a friend).Encrypting the SSL passphrase on disk (See login mechanism below).Your PGP key links together the various SSL certificates of your locations. PGP is a standard for encryption and authentication that provides a web of trust between friends. Your identity is represented by your PGP key. random number generation (For tunnel IDs, chat lobby IDs, etc).To each location corresponds a unique SSL certificate, that is stored encrypted on the hard-disk Encrypting configuration files (used by Retroshare modules for storing state and data).Encrypting communication between friends.We use it with standard parameters, meaning 2048 bits RSA keys in the following operations: Cryptography in RetroshareĬonnections between friends are encrypted using SSL, which is a protocol for secure communication, and a set of cryptographic functions. In the end of the post, we present the limits of the security model, examining what an attacker can do with various levels of penetration of your system. We detail in this post what methods are used in which place and their parameters. Retroshare’s security relies heavily on cryptographic algorithms.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |