
Reject old timestamps when deriving rotation mode keys

This branch checks that the timestamp is no more than one year old no earlier than 1 Jan 2021 before trying to derive rotation mode transport keys. This avoids spending an excessive amount of time deriving keys if the timestamp is very old.

Callers handle an invalid timestamp in the same way as an invalid public key (for example, aborting the session in the case of the introduction client).

If there's a gap of more than a year between the first introducee accepting an introduction request and the second introducee accepting it, the session will be aborted. I think this is a less serious problem than blocking the DB for a long time while deriving keys if one of the introducees sends an invalid timestamp. We can adjust the tradeoff between these two problems by adjusting the maximum timestamp age.

Closes #2079 (closed).

Edited by akwizgran
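
An added sketch of the check-before-derive ordering described above (not code from this merge request or the project). It assumes a one-year maximum age, and the rotation period length, the HMAC-based ratchet step and all function names are hypothetical stand-ins.

```python
import hashlib
import hmac

ROTATION_PERIOD_MS = 60 * 60 * 1000                 # assumed: one-hour rotation periods
MAX_TIMESTAMP_AGE_MS = 365 * 24 * 60 * 60 * 1000    # assumed: one-year maximum age


class InvalidTimestamp(ValueError):
    """Raised before any key derivation work is done."""


def rotate(key: bytes, period: int) -> bytes:
    # Stand-in one-way ratchet step (HMAC-SHA256), not the project's KDF.
    return hmac.new(key, b"rotate" + period.to_bytes(8, "big"), hashlib.sha256).digest()


def derive_rotation_keys(root_key: bytes, timestamp_ms: int, now_ms: int):
    """Return (key for the current period, number of ratchet steps performed)."""
    # Check first: the loop below costs one KDF call per elapsed period,
    # so a peer-supplied timestamp directly controls how long it runs.
    if timestamp_ms < 0 or now_ms - timestamp_ms > MAX_TIMESTAMP_AGE_MS:
        raise InvalidTimestamp("timestamp older than maximum age")
    first = timestamp_ms // ROTATION_PERIOD_MS
    current = now_ms // ROTATION_PERIOD_MS
    key = rotate(root_key, first)
    steps = 0
    for period in range(first + 1, current + 1):
        key = rotate(key, period)
        steps += 1
    return key, steps


def accept_introduction(root_key: bytes, timestamp_ms: int, now_ms: int):
    """Caller: treat a bad timestamp like a bad public key and abort (None)."""
    try:
        return derive_rotation_keys(root_key, timestamp_ms, now_ms)[0]
    except InvalidTimestamp:
        return None


if __name__ == "__main__":
    now = 1_700_000_000_000                         # constructed clock value
    root = bytes(32)                                # constructed all-zero root key
    print(derive_rotation_keys(root, now - 3 * ROTATION_PERIOD_MS, now)[1])
    print(accept_introduction(root, 0, now))
```

With these assumed constants the worst accepted case is bounded at 8760 ratchet steps; lowering or raising the maximum age moves that bound, which is the tradeoff the description mentions.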