Artifact 14ce4b4b69648b9adacedb6a3885e4e0369060b4:
- File wiki/ackcookies.md — part of check-in [84a642f922] at 2019-03-09 22:55:17 on branch trunk — Use html parser to convert wiki files to md files (user: bernd size: 969)
# Ack cookies #

net2o has a very low bandwidth acknowledge protocol (one ack for 32 packets, the ack is a small packet, 64 or at most 128 bytes, while the data is 32k). And net2o's flow control relies on the receiver to signal correct time stamps.

So a malicious receiver can just spoof some answers and drive the sender to create a lot of traffic. To prevent acknowledge spoofing, we require the receiver to compute a "cookie" for every packet transmitted — this cookie is something that proves he has received and correctly decrypted the packet, but the cookie itself is actually never sent around. We use Keccak's hidden state to create this cookie — reduced to a 64 bit number (this is more than sufficient — anything an attacker can create is bandwidth). We xor all cookies of one acknowledge lump together.

A malicious receiver who creates excessive traffic now will not receive the packets anymore, which prevents him from creating a legit acknowledge.
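
The ack-cookie check described above, sketched as an added example (not net2o's code): the sender remembers one 64-bit cookie per packet and accepts an ack only if the XOR over the acknowledged lump matches. Assumptions: keyed SHAKE-256 stands in for Keccak's hidden state, the ack carries the acknowledged sequence numbers plus the XOR of their cookies, and all class and function names are hypothetical.

```python
import hashlib
import hmac
from functools import reduce

LUMP = 32  # packets covered by one ack, as on the page

def packet_cookie(key: bytes, seq: int, payload: bytes) -> int:
    # Assumption: keyed SHAKE-256 over the decrypted payload stands in for
    # the cookie net2o takes from Keccak's hidden state after decryption.
    h = hashlib.shake_256(key + seq.to_bytes(8, "big") + payload)
    return int.from_bytes(h.digest(8), "big")  # reduced to 64 bits

def lump_cookie(cookies) -> int:
    return reduce(lambda a, b: a ^ b, cookies, 0)

class Sender:
    def __init__(self, key: bytes):
        self.key, self.sent = key, {}
    def send(self, seq: int, payload: bytes):
        self.sent[seq] = packet_cookie(self.key, seq, payload)
        return seq, payload
    def accept_ack(self, seqs, claimed: int) -> bool:
        # Reject empty, unknown or repeated sequence numbers: a repeated
        # number would cancel itself out of the XOR.
        if not seqs or len(set(seqs)) != len(seqs):
            return False
        if any(s not in self.sent for s in seqs) or not 0 <= claimed < 2**64:
            return False
        expected = lump_cookie(self.sent[s] for s in seqs)
        return hmac.compare_digest(expected.to_bytes(8, "big"),
                                   claimed.to_bytes(8, "big"))

class Receiver:
    def __init__(self, key: bytes):
        self.key, self.cookies = key, {}
    def receive(self, seq: int, payload: bytes):
        self.cookies[seq] = packet_cookie(self.key, seq, payload)
    def ack(self, seqs):
        # Packets that never arrived contribute nothing: no payload, no cookie.
        return list(seqs), lump_cookie(self.cookies.get(s, 0) for s in seqs)

def demo():
    key = bytes(range(32))  # constructed session key
    tx, rx = Sender(key), Receiver(key)
    packets = [tx.send(i, b"constructed payload %d" % i) for i in range(LUMP)]
    for seq, payload in packets[:16]:  # only half of the lump arrives
        rx.receive(seq, payload)
    return tx.accept_ack(*rx.ack(range(16))), tx.accept_ack(*rx.ack(range(LUMP)))
```

`demo()` returns the sender's verdict on an ack for the 16 packets that arrived and on an ack that claims all 32.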