GNU bug report logs

#52555 [RFC PATCH 0/3] Decentralized substitute distribution with ERIS


Message #115 received at 52555@debbugs.gnu.org:

From: pukkamustard <pukkamustard@posteo.net>
To: Maxime Devos <maximedevos@telenet.be>
Subject: Re: [bug#52555] [RFC PATCH v2 0/5] Decentralized substitute
 distribution with ERIS
Date: Wed, 02 Feb 2022 11:10:58 +0000
Cc: ~pukkamustard/eris@lists.sr.ht, 52555@debbugs.gnu.org
Maxime Devos <maximedevos@telenet.be> writes:

> Hi,
>
> Is it possible for the following situation to happen?
> If so, why not?
>
>   1. server A is authentic
>   2. server M is malicious, it tries to trick the client into
>      installing an incorrect substitute
>   3. (key of) server A is authorised
>   4. (key of) server M is _not_ authorised
>   5. server A and M are both in substitute-urls
>   6. server A only serves ‘classical’ substitutes, server B also serves
>      via ERIS+ipfs
>   7. Both A and M set the same FileHash, References, etc. in the
>      narinfo
>   8. However, M set an ERIS URN pointing to a backdoored substitute.
>   9. The client trusts A, and A and B have the same FileHash etc.,
>      so the client considers the narinfo of B to be authentic
>      because it has the same FileHash.
>  10. The client prefers ERIS above HTTP(S), so it downloads via M.
>  11. The client now installed a backdoored substitute!
>
> Greetings,
> Maxime.

No, this should not work.

The ERIS URN is only used if the entire narinfo is signed with an
authorized signature. The FileHash is not used when getting substitutes
via ERIS (being able to decode ERIS content implies integrity).

The interesting case that would be allowed with ERIS is the following:

1. Server A is authentic and its key is authorized.
2. Servers M1 to MN are potentially malicious and their keys are not
   authorized.
3. Server A and servers M1 to MN are in the substitute-urls.
4. Client gets Narinfo from server A and uses the ERIS URN from there.
5. Client can get blocks simultaneously from Server A and servers M1 to
   MN.
6. Client decodes content with the ERIS URN and can be sure that they
   have the valid substitute.

So client only needs to trust A but can use M1-MN (simultaneously) for
fetching the content.

-pukkamustard
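
A simplified model of the case described in the reply above, as an added example that is not part of the original message or of the Guix/ERIS code: blocks are addressed by their BLAKE2b-256 hash, and the root reference is assumed to come from a narinfo whose signature was already verified against A's authorized key. It leaves out ERIS's block encryption and URN encoding; the function names, servers and sample data are hypothetical and constructed.

```python
import hashlib

REF_LEN = 32      # bytes in a block reference
BLOCK_SIZE = 64   # tiny block size, chosen for the demo only

def ref(block: bytes) -> bytes:
    """Reference of a block: its BLAKE2b-256 hash."""
    return hashlib.blake2b(block, digest_size=REF_LEN).digest()

def encode(content: bytes):
    """Split content into blocks; return (root_ref, {reference: block})."""
    blocks = [content[i:i + BLOCK_SIZE] for i in range(0, len(content), BLOCK_SIZE)]
    store = {ref(b): b for b in blocks}
    root = b"".join(ref(b) for b in blocks)   # root block lists the leaf references
    store[ref(root)] = root
    return ref(root), store

def fetch(reference: bytes, servers):
    """Ask each server in turn; accept only a block that hashes to `reference`."""
    for name, blocks in servers:
        block = blocks.get(reference)
        if block is not None and ref(block) == reference:
            return block, name
    raise LookupError("no valid block for " + reference.hex())

def decode(root_ref: bytes, servers):
    """Rebuild the content; return (content, names of servers that supplied blocks)."""
    root, source = fetch(root_ref, servers)
    content, used = [], {source}
    for i in range(0, len(root), REF_LEN):
        block, source = fetch(root[i:i + REF_LEN], servers)
        content.append(block)
        used.add(source)
    return b"".join(content), used

def demo_servers():
    """Constructed sample data: authorized server A, unauthorized M1 and M2."""
    substitute = b"constructed nar contents " * 10
    root_ref, honest = encode(substitute)   # stands for the URN in A's signed narinfo
    backdoor_ref, backdoor = encode(b"backdoored " + substitute)
    # M1 hosts a backdoored encoding and answers every honest reference
    # with a corrupted block.
    m1 = dict(backdoor)
    m1.update({r: bytes([b[0] ^ 1]) + b[1:] for r, b in honest.items()})
    # M2 mirrors the honest leaf blocks but not the root block.
    m2 = {r: b for r, b in honest.items() if r != root_ref}
    return substitute, root_ref, backdoor_ref, [("M1", m1), ("M2", m2), ("A", honest)]
```

Decoding with the root reference from A rejects every block M1 returns, takes the leaf blocks from M2 and the root block from A, and fails with `LookupError` rather than yielding content when only M1 is reachable.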



