← Back to team overview

linuxdcpp-team team mailing list archive

  1. linuxdcpp-team team
  2. Mailing list archive
  3. Message #09013

[Bug 1445330] Re: CCPM and hub connection encryption

  Thread PreviousDate PreviousThread Next 
<eMTee> I often wondered why it isn't possible to initiate a CCPM
through a normal ADCH hub. I'm curious about how safe/unsafe could this
negotiation be, compared to existing ADCS hub and CC connection methods.

<cologic> It's certainly possible in principle to set up a secure
connection bootstrapped from an unsecured hub connection. That's how
public key cryptography works. I don't see it CCPM documented as such in
https://adc.sourceforge.io/ADC.html or https://adc.sourceforge.io/ADC-
EXT.html but from looking through PrivateWindow.cpp and
ConnectionManager.cpp, it appears to be just the usual type of C-C
connection with a different payload. But just as TLS can work on a C-C
connection for file transfers without (in principle; unsure what DC++
does in practice), so can one have this PM connection set up the same
way. So yeah, I think maksis has a point.

One might look at threat models -- the connection being "secure" to the hub doesn't help at all if one thinks the hub's the problem to begin with. If one views the issue as someone surveilling the hub, well, CCPM doesn't offer any real defense against the relevant attacks regardless of whether the hub's ADCS or not.
Mostly MitM variations. So, sure, it seems like it'd be fine to enable that for non-ADCS hubs.


** Changed in: dcplusplus
       Status: New => Confirmed

** Changed in: dcplusplus
   Importance: Undecided => Medium

-- 
You received this bug notification because you are a member of
Dcplusplus-team, which is subscribed to DC++.
https://bugs.launchpad.net/bugs/1445330

Title:
  CCPM and hub connection encryption

Status in AirDC++:
  Fix Released
Status in DC++:
  Confirmed

Bug description:
  I don't understand that why does DC++ require the hub connection be
  encrypted before the user can initiate CCPM connections. There's no
  such limitation for encrypted file transfers and I don't see it being
  mentioned in the extension specs either.

  DC++ won't even disallow CCPM connections via a non-encrypted ADC hub
  connection if the connection is established by another client.

To manage notifications about this bug go to:
https://bugs.launchpad.net/airdcpp/+bug/1445330/+subscriptions

References

  Thread PreviousDate PreviousThread Next