I make making a peer 2 peer protocal much like waste for a small dark net, but i have one huge problem.

Man in the middle attacks.

I have had so manu ideas and solotions, but they all lead back to the same problem, a man in the middle is a proxy of you. so theres no way you can stop him... right?

Sure there is, simply authenticate and encrypt all connections with asymmetrical cryptography, just like e.g. SSL. Waste is using this already I think, so why do you want to make your own instead of using Waste, what do you think Waste is lacking?

I actually designed my own protocol for this about two years before Waste was released, but never had the time to implement it fully, and it had some cool features that Waste is lacking, that's why I'm extra curious about it.

a man in the middle can just replace the public keys used in the key exchange.
with his own, so he can decrypt all the packets.

my only solotion is to have all the keys signed with a 3rd party keys (ala verisign) but that doesnt make my network very decentralized.


waste is vuln to untrusted users being on the network, its also vuln to man in the middle on connection.

The public keys (i.e. "asymmetrical identification certificates" of some kind) do of course have to be either distributed beforehand, or, like you suggest, signed by a trusted source, but otherwise it wouldn't be much of a private network to begin with, now would it? Consider carefully on a design level what you want to accomplish with this protocol, and when these things are clearly defined, then start to think about the implementation.

If you give us a bit more detailed description of what you really want to accomplish with the protocol, in terms of authentication and access control, I'm sure we will be able to help you.

yes more info would be good, but i fear sharing vaporware.
i think i solved the problem with an inherited chain of key signing.

i

i worked a year ago on some crypto thing and i remeber that there was a diffie hellman algo, which solves the mim problem.
(there a the old diffie hellman algo and some extended versions often used in vpns)

Are you sure that this algorithm protected against a man in the middle who could intercept and edit the traffic? (which is the common definition of man-in-the-middle, contrary to a simple eavesdropper) I don't think this is possible without some kind of pre-distributed credentials of some sorts (e.g. client-side certificates or some other secret, known only by the two persons in the endpoints).

There is indeed a Diffie-Hellman algorithm for secure public key exchange though, which prevents any attacker who cannot edit the traffic from eavesdropping, but this is just equivalent of the two endpoints sending over their public RSA keys in plaintext, and then encrypting the rest of the communication with these, which does not protect against man-in-the-middle attacks.

Maybe Mike is willing to settle it for us anyway?

Diffie Hellman doesn't help at all in a MITM attack. It's just another public key scheme. nelixx's idea about key signing could work if it's done right. You just have to be sure that the verification key can't be replaced by the MITM. That was the idea behind having Verisign's public key built into every copy of Internet Explorer.

(And delta, about the time lag--I check once a day, but usually about 8 hours later than the posters, since I'm in New Zealand. The reason I hadn't commented is because nelixx said he had it sussed)

Hey Mike, someone down there in New Zealand is leasing out the computer they used to do the animation for the Lord of the Rings. It's reported to be the 83 fastest in the world. Now is your chance to grab some time for that more complicated crypto work.

Regards,