Opened 4 weeks ago

Last modified 9 days ago

#2643 new enhancement

Add freedom choice to users to choose which router connect to

Reported by: anonymous maybe Owned by:
Priority: minor Milestone: undecided
Component: unspecified Version: 0.9.43
Keywords: Cc:
Parent Tickets: Sensitive: no

Description (last modified by anonymous maybe)

Since I2P by itself a node which the user can control , it would be as well the freedom to make the user free to choose which versions of I2Ps his netdb accepting.

as old I2P are crypto horrible using SHA-1 which been proven to be broken and weak you can read about that:

https://web.archive.org/web/20191025114519/https://shattered.io/static/shattered.pdf

https://www.schneier.com/blog/archives/2005/02/sha1_broken.html

So the suggestion is either:

  • Remove old bad routers with SHA-1 signatures

or

  • Give the user his freedom to choose which version his router accepting from I2P versions

Rejecting both ideas its like forcing the user traffic to have some SHA-1 within

Subtickets

Change History (6)

comment:1 Changed 4 weeks ago by anonymous maybe

Description: modified (diff)

comment:2 Changed 4 weeks ago by anonymous maybe

Description: modified (diff)

comment:3 Changed 4 weeks ago by zzz

Priority: majorminor
Status: newinfoneeded_new
  • anything optional is very low priority
  • please provide justification on why connecting to a sha-1 router affects your security
  • there's various checks for min versions already (for tunnels, floodfills, etc.), please describe why those checks are insufficient

comment:4 Changed 2 weeks ago by anonymous maybe

Status: infoneeded_newnew

anything optional is very low priority

Ah i see, thanks for informing

please provide justification on why connecting to a sha-1 router affects your security

because its unsafe broken since more than a decade? using it or using plain text just not much of a different for high machines (super computers) to deal with.

there's various checks for min versions already (for tunnels, floodfills, etc.), please describe why those checks are insufficient

  • Apps opening tunnels in I2Prouter:

I2P doesnt ask for which tunnel configuration the apps should use when the app tries to connect to it like what tunnel signature,length..etc should they choose when they connect to I2Prouter so user cant control that. Means i2p tunnels are not self defense against SHA-1 usage , thus even if the router https,http,IRC..etc only configured to be using safe signatures by this method it can downgrade it through any other up has intentional or unintentional push for SHA-1 only usage (user cant know).(im talking about any third party application tried to connect to I2Prouter)

  • I2P force I2P

when i2ps talk (connect) to each other, if one i2prouter brought from old versions (using only sha1) and spread alot copies of it to produce SHA-1 only signatures , i dont think anyone will notice this is a harmful thing but it actually just a catching net of other I2Ps which they are passing through this (SHA1) net to decrypt the messages forward and backward. if the attacker succeeded to have one router inbound and one router outbound for the same I2P user which happen to passes his traffic among them this is case closed decryption. While if the encryption only using high signatures like SHA3 or so even if the attacker has both in/out connection control he cant read what the messages because they are encrypted. (this can be done by an old I2P used on users level or Eepsites ..etc doesnt matter what the purpose of this sha1 i2p going to be used. I2P DHT also effected by this method as there is no real end to end encryption)

  • Signatures changing itself to SHA-1 , deprecating the user configurations

ticket already opened https://trac.i2p2.de/ticket/2525

  • Regardless of the above reasons, user should have control on minimizing unwanted threats whether they are theoretical or practical. I2P just give headshot to the new helpers by forcing them to have these kind of trash encryption in their circles.

Tor has an EOL program/scheduling hope we have the same thing as well:

https://blog.torproject.org/removing-end-life-relays-network


Last edited 13 days ago by anonymous maybe (previous) (diff)

comment:5 Changed 10 days ago by zzz

Thanks for your comments. You've given us some things to think about, still not sure what the specific threat is of, I guess, some router spoofing the signature of another router?
Android was still on SHA-1 by default, should have changed it a while ago, I just changed it in 92f4e3cdf70bf3d527657842b5666e299136a3a6 to be 0.9.43-4.

I'll also take another look at #2525 to see if there's anything we can do easily.

comment:6 in reply to:  5 Changed 9 days ago by anonymous maybe

Thanks for your comments. You've given us some things to think about, still not sure what the specific threat is of, I guess, some router spoofing the signature of another router?

yep thats possible as well.

You Welcome!

Note: See TracTickets for help on using tickets.