Fix #748 - Check hash of sig instead of message contents #783

Merged
Atheros1 merged 2 commits from master into master 2015-02-22 01:44:00 +01:00
Atheros1 commented 2015-02-22 00:13:13 +01:00 (Migrated from github.com)

This change addresses the fact that checking for unique(sender + receiver + subject + message) isn't a very good way of detecting duplicate messages; sometimes people do send the same message and expect it to show up. This change instead uses a hash of the signature in a message as a sort of UUID. This way if an attacker creates duplicate objects by recalculating nonces, the duplicates won't show up in receiver's clients because the signatures within the objects will all be the same.
Note that this change would make it so that if a normal sender sends a message and the receiver receives it but the sender doesn't hear an acknowledgement, the sender would resend the message and the message would show up as a duplicate in the receiver's client.
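The two duplicate checks compared side by side, as an added example that is not part of the original pull request or the project's code. The `Inbox` class, the field names, the HMAC stand-in for the sender's signature, the SHA-256 choice and the assumption that a resend is signed again (here because the signed data includes a send time) are all illustrative.

```python
import hashlib
import hmac

SENDER_KEY = b"constructed-demo-key"  # constructed; HMAC stands in for a real signature

def sign(sender, receiver, subject, body, sent_at):
    """Stand-in signature over the message fields plus a send time (assumed layout)."""
    data = "\x00".join([sender, receiver, subject, body, str(sent_at)]).encode()
    return hmac.new(SENDER_KEY, data, hashlib.sha256).digest()

def make_object(msg, signature, nonce):
    """Network object: the nonce is proof-of-work data outside the signed part."""
    return {"nonce": nonce, "msg": msg, "signature": signature}

class Inbox:
    def __init__(self, dedup):
        self.dedup = dedup  # "content" = old check, "sighash" = check from this change
        self.seen = set()
        self.shown = []

    def _key(self, obj):
        if self.dedup == "content":
            m = obj["msg"]
            return (m["sender"], m["receiver"], m["subject"], m["body"])
        # Hash of the signature used as a per-message identifier.
        return hashlib.sha256(obj["signature"]).digest()

    def receive(self, obj):
        """Return True if the message is displayed, False if dropped as a duplicate."""
        key = self._key(obj)
        if key in self.seen:
            return False
        self.seen.add(key)
        self.shown.append(obj["msg"]["body"])
        return True

def run(dedup):
    """Feed three constructed objects to an inbox and report which are displayed."""
    msg = dict(sender="BM-alice", receiver="BM-bob", subject="lunch", body="noon?")
    inbox = Inbox(dedup)
    sig1 = sign(**msg, sent_at=1000)
    sig2 = sign(**msg, sent_at=2000)  # same text, signed again (deliberate or resend)
    return {
        "original": inbox.receive(make_object(msg, sig1, nonce=1)),
        # Same signed message wrapped in a new object with a recalculated nonce.
        "new_nonce_copy": inbox.receive(make_object(msg, sig1, nonce=2)),
        "same_text_signed_again": inbox.receive(make_object(msg, sig2, nonce=3)),
    }
```

With `"sighash"` the recalculated-nonce copy is dropped while the re-signed message is displayed, which covers both the intended repeat and the resend-after-missed-acknowledgement case noted in the description.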
