[prev in list] [next in list] [prev in thread] [next in thread] 

List:       spread-users
Subject:    Re: [Spread-users] Secure Spread problem
From:       Yair Amir <yairamir () cnds ! jhu ! edu>
Date:       2001-05-16 16:59:23
[Download RAW message or body]

Hi Yiqiang,

This is a very good point.

Secure Spread is an on-going research project. The focus so far was on robust key \
agreement protocols and the first release of Secure Spread implements such a \
protocol. From a security perspective, nothing bad has happened (!) - no \
un-authorized members can get messages or join the secure group.

To solve the problem of them joining the group, access control has to be involved (so \
that non-authorized members will not be able to join or send to the group). This \
support is located actually at the Spread daemon level itself. The hooks for such \
support are already in Spread 3.16 that will be released in the near future as part \
of the big changes happening to Spread.

Stay tuned,

    :) Yair.    http://www.cnds.jhu.edu


Ding Yiqiang wrote:

> Hi, What if a normal user(attacker) Eve tries to join the secure group, assume \
> Spread daemons are accessible by Eve, Eve knows the address of those Spread \
> daemons, and even the group name those secure members are joining? I made a test \
> using the demo program "user" provided by SSP 1.0.0. One group with secure group \
> communication was setup successfully. However, when I use another demo program \
> "user" provided by Spread-1.14 to connect this secure group, following events \
> happened:1. Eve got all those member names in the secure group;2. Each secure \
> member received a FLUSH_REQ message;3. Even after sending flush ok to the group, \
> all secure members got stuck. Any comments? BTW, lots of thanks for Jonathan's \
> comments of spread configuration problem. Yiqiang



_______________________________________________
spread-users mailing list
spread-users@lists.spread.org
http://lists.spread.org/mailman/listinfo/spread-users


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic