Thank you lime@feddi.nu for detecting this vulnerability.

A vulnerability was found:

A malevolent node can spoof data if:

It is sharing the specific data
It has access to the link file

Note: both conditions must be met.

Because it has now access to the AES key pair in the link file and can encode bad data and serve it to an eventual client.

Solution:

Add a payload to each data which is generated like this:

SHA256 the data
Encrypt the SHA with the private RSA key

Check it with the public RSA that is already in the link file when downloading data by:

When the data is fully downloaded:

Remove the SHA256 from the data
Decrypt it with the public RSA key in the link file
SHA256 the data (the data without the SHA256)
Compare the two SHA, if not identical then there has been errors or tampering.
  • ValmondOP
    link
    fedilink
    English
    arrow-up
    1
    ·
    6 days ago

    The version is now also verified so that a malevolent node cannot masquerade and serve an old, correct, dataset like it was a newer version.