Hello!,
This is the first post after midterms! Congratulations to all GSoC-P2PSP students :)
This is small status update after midterms.
I have the next goals for the second part of GSoC program:
1. Sending new message structure.
STrPe-DS offers new chunk message structure. Now it's just tuple of (chunk_number, chunk). In STrPe-DS this tuple looks like (chunk_number, chunk, dst, sign), where dst is receiver of transmitted chunk and sign is S(H(chunk_number + chunk + dst)). H is just hash function (ie SHA256) and S - sign of this hash. Here is code that builds such messages:
As you can see, the code above computes hash of string, and then sign this hash. Sign contains two numbers. Next, this method constructs binary message.
Also, peer have to accept such messages. I've override several methods, see the code below:
This code just unpacks message with new message format, and returns tuple which expected by other code. process_message method is overriden since in this method will be implemented checking actions.
2. Sending DSA key
Also, I've implemented sending and accepting DSA key. Here is some code:
Splitter:
And peer:
It should be noted that only splitter can sign the messages, since we don't send the private part of the DSA key. Peers can only verify messages.
To test current version of STrPe-DS you can use this commands:
Also, you can read more about STrPe-DS in this paper.
And you can see the diff between master and STrPe-DS branches here.
Thanks!
This is the first post after midterms! Congratulations to all GSoC-P2PSP students :)
This is small status update after midterms.
I have the next goals for the second part of GSoC program:
- Implement STrPe-DS mechanism,
- test both STrPe and STrPe-DS,
- try to suggest new defense strategy without TTP (third trusted party).
1. Sending new message structure.
STrPe-DS offers new chunk message structure. Now it's just tuple of (chunk_number, chunk). In STrPe-DS this tuple looks like (chunk_number, chunk, dst, sign), where dst is receiver of transmitted chunk and sign is S(H(chunk_number + chunk + dst)). H is just hash function (ie SHA256) and S - sign of this hash. Here is code that builds such messages:
def get_message(self, chunk_number, chunk, dst): m = str(chunk_number) + str(chunk) + str(dst) h = SHA256.new(m).digest() k = random.StrongRandom().randint(1, self.dsa_key.q-1) sig = self.dsa_key.sign(h,k) return struct.pack('H1024s40s40s', socket.htons(chunk_number), chunk, self.long_to_hex(sig[0]), self.long_to_hex(sig[1]))
As you can see, the code above computes hash of string, and then sign this hash. Sign contains two numbers. Next, this method constructs binary message.
Also, peer have to accept such messages. I've override several methods, see the code below:
def process_message(self, message, sender): # here hash checking will be implemented return Peer_DBS.process_message(self, message, sender) def unpack_message(self, message): # {{{ chunk_number, chunk, k1, k2 = struct.unpack(self.message_format, message) chunk_number = socket.ntohs(chunk_number) return chunk_number, chunk
This code just unpacks message with new message format, and returns tuple which expected by other code. process_message method is overriden since in this method will be implemented checking actions.
2. Sending DSA key
Also, I've implemented sending and accepting DSA key. Here is some code:
Splitter:
def send_dsa_key(self, sock): # send Public key (y), Sub-group generator (g), Modulus, finite field order (p), Sub-group order (q) y = self.long_to_hex(self.dsa_key.y) g = self.long_to_hex(self.dsa_key.g) p = self.long_to_hex(self.dsa_key.p) q = self.long_to_hex(self.dsa_key.q) message = struct.pack('256s256s256s40s', y, g, p, q) sock.sendall(message)
And peer:
def receive_dsa_key(self): message = self.splitter_socket.recv(struct.calcsize("256s256s256s40s")) y, g, p, q = struct.unpack("256s256s256s40s", message) y = long(y, 16) g = long(g, 16) p = long(p, 16) q = long(q, 16) self.dsa_key = DSA.construct((y, g, p, q)) _print_("DSA key received") _print_("y = " + str(self.dsa_key.y)) _print_("g = " + str(self.dsa_key.g)) _print_("p = " + str(self.dsa_key.p)) _print_("q = " + str(self.dsa_key.q))
It should be noted that only splitter can sign the messages, since we don't send the private part of the DSA key. Peers can only verify messages.
To test current version of STrPe-DS you can use this commands:
$ vlc Big_Buck_Bunny_small.ogv --sout "#duplicate{dst=standard{mux=ogg,dst=,access=http}}" & $ ./splitter.py --source_port 8080 --strpeds $ ./peer.py --use_localhost --strpeds $ vlc http://localhost:9999
Also, you can read more about STrPe-DS in this paper.
And you can see the diff between master and STrPe-DS branches here.
Thanks!
Комментариев нет:
Отправить комментарий