Maximum packet size is 4096 bits (or less)

Bug #892896 reported by aj00200 on 2011-11-20
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Anonplus
Critical
Vomun Security Team

Bug Description

The maximum packet size is 4096 bits because we are using 4096 bit RSA keys.
Messages need to be split at that size and encrypted. They then need to be sent to the remote host in a format that allows for decryption of multiple blocks.

This can be fixed by implementing the tmp-rsa blueprint. (Or the AES blueprint, which has been done :-))

aj00200 (aj00200) on 2011-12-27
description: updated
tags: added: encryption
aj00200 (aj00200) on 2012-01-03
Changed in anonplus:
milestone: none → build-8
importance: Undecided → High
al1ce (al1ce) on 2012-02-05
description: updated
aj00200 (aj00200) wrote :

I am working to setup proper use of the friend-identification blueprint which will make it easier to transition into using AES encryption. However, I am having problems with sending the 0x0000 packet. It seems we may actually need to fix this afterall.

Changed in anonplus:
importance: High → Critical
status: Confirmed → In Progress
aj00200 (aj00200) on 2012-02-09
Changed in anonplus:
assignee: aj00200 (aj00200) → Vomun Security Team (vomun-security)
aj00200 (aj00200) on 2012-03-25
summary: - Maximum packet size is 2048 bits (or less)
+ Maximum packet size is 4096 bits (or less)
description: updated
aj00200 (aj00200) wrote :

The bug now applies with a 4096 byte limit. I just increased the default key size from 2048 to 4096. The RSA keys will only be used for the diffie-hellman or tmp-rsa key exchange so it is better that have have the security. But this also gives us some more flexibility in the protocol.

Also, it will temporarily increase the message length limits until we can move past RSA encryption.

To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers