Commits · 66d973bcdd174b8fae23316fdd333a0b348c9f59 · Julian Dehm / briar

Nov 17, 2011

Ignore expected IVs that arrive by the wrong transport. · 66d973bc

akwizgran authored 13 years ago

This prevents an attacker from replaying connections to test whether a
transport endpoint has the same owner as an endpoint on another
transport (eg probing a Bluetooth device to see whether it has the
same owner as a given internet host).

66d973bc

The KDF was using CTR mode unsafely. · 13ebd369

akwizgran authored 13 years ago

The data to be encrypted should go in the IV, with a blank
plaintext, so that the ciphertext is equal to the keystream.

Putting the data in the plaintext would have led to different keys
derived from the same source consisting of the same keystream XORed
with different guessable plaintexts. That would have been bad.

13ebd369

Nov 16, 2011
- Erase connection windows if the JVM shuts down cleanly. · a144884e
  akwizgran authored 13 years ago
  
  a144884e
- Minor SQL cleanups. · 031aa53d
  akwizgran authored 13 years ago
  
  031aa53d
- Minor code cleanups. · 4da7a685
  akwizgran authored 13 years ago
  
  4da7a685
- Keep the connection windows in memory. · 01dd6582
  akwizgran authored 13 years ago
  
  01dd6582
- Erase keys after using them. (Copies created by ciphers, etc, may · f10512d7
  akwizgran authored 13 years ago
  
  still exist.)
  f10512d7
- Unit test for key derivation. · ece03038
  akwizgran authored 13 years ago
  
  ece03038
- Unit test for key derivation. · a13a1769
  akwizgran authored 13 years ago
  
  a13a1769
- Forward secrecy. · f6ae4734
  akwizgran authored 13 years ago
  
  Each connection's keys are derived from a secret that is erased after deriving the keys and the secret for the next connection.
  f6ae4734
Nov 15, 2011
- Return a connection context for outgoing connections (the secret will · d02a68ed
  akwizgran authored 13 years ago
  
  be included in this context in the near future).
  d02a68ed
- Remove transport ID from connection context. · fabdaf59
  akwizgran authored 13 years ago
  
  fabdaf59
- Key derivation function based on NIST SP 800-108. · 9220bb34
  akwizgran authored 13 years ago
  
  9220bb34
- Store the incoming and outgoing secrets separately. · 6a15c03e
  akwizgran authored 13 years ago
  
  6a15c03e
- Made secret keys erasable from memory. · f41d48eb
  akwizgran authored 13 years ago
  
  f41d48eb
- Removed double-encryption of shared secrets. · 23be7fd8
  akwizgran authored 13 years ago
  
  23be7fd8
- Initialise all connection windows when a contact is added. · 6cdf68d6
  akwizgran authored 13 years ago
  
  6cdf68d6
- Store each connection window slot as a database row. · df054b17
  akwizgran authored 13 years ago
  
  This is less memory-efficient but necessary for the coming forward secrecy changes.
  df054b17
- Replaced SHA-256 with SHAd-256 to prevent length extension attacks. · cf49a28c
  akwizgran authored 13 years ago
  
  cf49a28c
- Throw checked exception if concurrent attempts are made to remove a · effa5c9d
  akwizgran authored 13 years ago
  
  contact.
  effa5c9d
- Singleton lists and singleton sets aren't equal, so use lists · 6fd8493d
  akwizgran authored 13 years ago
  
  consistently.
  6fd8493d
- Use aliases for shorter, clearer SQL. · 0da94879
  akwizgran authored 13 years ago
  
  0da94879
- Return transports that have no properties. · 2ad15518
  akwizgran authored 13 years ago
  
  2ad15518
Nov 14, 2011

Minor refactoring. · 72be3476
akwizgran authored 13 years ago

72be3476

Split transport identifiers into two: TransportId (globally unique) · 73aa7d14

akwizgran authored 13 years ago

and TransportIndex (locally unique).

This is the first step towards forward secrecy. Also removed the
Writable interface and unnecessary user-defined types, moved various
constants to ProtocolConstants and renamed some classes.

73aa7d14

Nov 08, 2011
- Advertise the Bluetooth address if the device is discoverable. · 7d09102c
  akwizgran authored 13 years ago
  
  7d09102c
- Patched Bluecove native code to work around a bug in OS X 10.4. · b1d08af5
  akwizgran authored 13 years ago
  
  b1d08af5
- Log the local Bluetooth address. · 531889bd
  akwizgran authored 13 years ago
  
  531889bd
- Added Bluecove source for debugging. · a1452152
  akwizgran authored 13 years ago
  
  a1452152
- Merge branch 'refs/heads/master' of... · 4bf55854
  akwizgran authored 13 years ago
  
  Merge branch 'refs/heads/master' of ssh://akwizgran@briar.git.sourceforge.net/gitroot/briar/prototype
  4bf55854
- Removed references to raw types. · 2c4c8824
  akwizgran authored 13 years ago
  
  2c4c8824
- Merge branch 'refs/heads/master' of... · 81012406
  akwizgran authored 13 years ago
  
  Merge branch 'refs/heads/master' of ssh://akwizgran@briar.git.sourceforge.net/gitroot/briar/prototype
  81012406
- Removed calls to supportsMulticast() for Java 1.5 compatibility. · ef6f6142
  akwizgran authored 13 years ago
  
  ef6f6142
- Fixed some comments. · 85e32703
  akwizgran authored 13 years ago
  
  85e32703
Oct 30, 2011
- Non-JUnit tests for LAN socket plugin. · 29eb9008
  akwizgran authored 13 years ago
  
  29eb9008
- You can't step in the same Enumeration twice. · 1b0bd696
  akwizgran authored 13 years ago
  
  1b0bd696
- Prefer LAN interfaces for invitations, WAN for connections. · 7065f54a
  akwizgran authored 13 years ago
  
  7065f54a
- Fixed test expectations. · d1676781
  akwizgran authored 13 years ago
  
  d1676781
- Try to close sockets when an exception is caught. · 681e8254
  akwizgran authored 13 years ago
  
  681e8254
- If no local address is configured, bind to any address. · 2c72b1e2
  akwizgran authored 13 years ago
  
  2c72b1e2