[prev in list] [next in list] [prev in thread] [next in thread]
List: spread-users
Subject: Re: [Spread-users] Secure Spread problem
From: Yair Amir <yairamir () cnds ! jhu ! edu>
Date: 2001-05-16 16:59:23
[Download RAW message or body]
Hi Yiqiang,
This is a very good point.
Secure Spread is an on-going research project. The focus so far was on robust key \
agreement protocols and the first release of Secure Spread implements such a \
protocol. From a security perspective, nothing bad has happened (!) - no \
un-authorized members can get messages or join the secure group.
To solve the problem of them joining the group, access control has to be involved (so \
that non-authorized members will not be able to join or send to the group). This \
support is located actually at the Spread daemon level itself. The hooks for such \
support are already in Spread 3.16 that will be released in the near future as part \
of the big changes happening to Spread.
Stay tuned,
:) Yair. http://www.cnds.jhu.edu
Ding Yiqiang wrote:
> Hi, What if a normal user(attacker) Eve tries to join the secure group, assume \
> Spread daemons are accessible by Eve, Eve knows the address of those Spread \
> daemons, and even the group name those secure members are joining? I made a test \
> using the demo program "user" provided by SSP 1.0.0. One group with secure group \
> communication was setup successfully. However, when I use another demo program \
> "user" provided by Spread-1.14 to connect this secure group, following events \
> happened:1. Eve got all those member names in the secure group;2. Each secure \
> member received a FLUSH_REQ message;3. Even after sending flush ok to the group, \
> all secure members got stuck. Any comments? BTW, lots of thanks for Jonathan's \
> comments of spread configuration problem. Yiqiang
_______________________________________________
spread-users mailing list
spread-users@lists.spread.org
http://lists.spread.org/mailman/listinfo/spread-users
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic