https://redmine.named-data.net/https://redmine.named-data.net/favicon.ico?14759811232016-10-16T14:39:08ZNDN project issue tracking systemNAC - Bug #3812: Change logic in GroupManger.getGroupKey() to avoid regenerate group key pairs every time.https://redmine.named-data.net/issues/3812?journal_id=172802016-10-16T14:39:08ZZhiyi Zhangzhangzhiyi1919@gmail.com
<ul><li><strong>Status</strong> changed from <i>New</i> to <i>Code review</i></li><li><strong>% Done</strong> changed from <i>0</i> to <i>80</i></li></ul> NAC - Bug #3812: Change logic in GroupManger.getGroupKey() to avoid regenerate group key pairs every time.https://redmine.named-data.net/issues/3812?journal_id=173752016-10-23T11:33:42ZZhiyi Zhangzhangzhiyi1919@gmail.com
<ul></ul><p>Seems there is no one reviewing the code. Wonder who can do this?</p>
NAC - Bug #3812: Change logic in GroupManger.getGroupKey() to avoid regenerate group key pairs every time.https://redmine.named-data.net/issues/3812?journal_id=176022016-11-20T12:55:55ZZhiyi Zhangzhangzhiyi1919@gmail.com
<ul><li><strong>Status</strong> changed from <i>Code review</i> to <i>Closed</i></li><li><strong>% Done</strong> changed from <i>80</i> to <i>100</i></li></ul> NAC - Bug #3812: Change logic in GroupManger.getGroupKey() to avoid regenerate group key pairs every time.https://redmine.named-data.net/issues/3812?journal_id=176142016-11-21T10:37:14ZAnonymous
<ul></ul><p>This change stores the unencrypted private key in the Sqlite file. Have you thought about the security risks of this? Did you consider if it would it be better to keep the private key in memory between calls to getGroupKey?</p>
<p><a href="https://github.com/named-data/ndn-group-encrypt/blob/master/src/group-manager-db.cpp#L342">https://github.com/named-data/ndn-group-encrypt/blob/master/src/group-manager-db.cpp#L342</a></p>
NAC - Bug #3812: Change logic in GroupManger.getGroupKey() to avoid regenerate group key pairs every time.https://redmine.named-data.net/issues/3812?journal_id=176252016-11-22T09:56:53ZZhiyi Zhangzhangzhiyi1919@gmail.com
<ul></ul><p>Jeff Thompson wrote:</p>
<blockquote>
<p>This change stores the unencrypted private key in the Sqlite file. Have you thought about the security risks of this? Did you consider if it would it be better to keep the private key in memory between calls to getGroupKey?</p>
<p><a href="https://github.com/named-data/ndn-group-encrypt/blob/master/src/group-manager-db.cpp#L342">https://github.com/named-data/ndn-group-encrypt/blob/master/src/group-manager-db.cpp#L342</a></p>
</blockquote>
<p>Yes, there could be a security problem, I will try to figure it out.</p>
NAC - Bug #3812: Change logic in GroupManger.getGroupKey() to avoid regenerate group key pairs every time.https://redmine.named-data.net/issues/3812?journal_id=185612017-03-15T10:27:36ZAnonymous
<ul><li><strong>Status</strong> changed from <i>Closed</i> to <i>Feedback</i></li></ul><p>Status changed to Feedback while reviewing the security concern for storing raw private keys.</p>
NAC - Bug #3812: Change logic in GroupManger.getGroupKey() to avoid regenerate group key pairs every time.https://redmine.named-data.net/issues/3812?journal_id=185622017-03-15T10:27:58ZZhehao Wangwangzhehao410305@gmail.com
<ul></ul><p>Zhiyi Zhang wrote:</p>
<blockquote>
<p>Yes, there could be a security problem, I will try to figure it out.</p>
</blockquote>
<p>@Zhiyi I wonder if there are any updates to this?</p>
<p>(This update in CCL would be helpful for the current NDNFit application.)</p>
NAC - Bug #3812: Change logic in GroupManger.getGroupKey() to avoid regenerate group key pairs every time.https://redmine.named-data.net/issues/3812?journal_id=185822017-03-21T12:46:37ZZhiyi Zhangzhangzhiyi1919@gmail.com
<ul></ul><p>Zhehao Wang wrote:</p>
<blockquote>
<p>Zhiyi Zhang wrote:</p>
<blockquote>
<p>Yes, there could be a security problem, I will try to figure it out.</p>
</blockquote>
<p>@Zhiyi I wonder if there are any updates to this?</p>
<p>(This update in CCL would be helpful for the current NDNFit application.)</p>
</blockquote>
<p><a href="https://gerrit.named-data.net/#/c/3784/">https://gerrit.named-data.net/#/c/3784/</a></p>
NAC - Bug #3812: Change logic in GroupManger.getGroupKey() to avoid regenerate group key pairs every time.https://redmine.named-data.net/issues/3812?journal_id=189962017-05-10T08:28:33ZAnonymous
<ul></ul><p>I see a commit to GitHub. Is this issue resolved?</p>
<p><a href="https://github.com/named-data/name-bases-access-control/commit/8992e7327c412f1c5d5939423d50c7aa6a9cb371">https://github.com/named-data/name-bases-access-control/commit/8992e7327c412f1c5d5939423d50c7aa6a9cb371</a></p>
NAC - Bug #3812: Change logic in GroupManger.getGroupKey() to avoid regenerate group key pairs every time.https://redmine.named-data.net/issues/3812?journal_id=189972017-05-10T10:03:43ZAnonymous
<ul></ul><p>In group-manager-db.hpp, cleanEKeys is private but nothing calls it. Maybe it should be public so that the application cal call it periodically? <br>
<a href="https://github.com/named-data/name-bases-access-control/blob/67f90aa6610bf936d87712c6992c4727d7f5d9b8/src/group-manager-db.hpp#L195">https://github.com/named-data/name-bases-access-control/blob/67f90aa6610bf936d87712c6992c4727d7f5d9b8/src/group-manager-db.hpp#L195</a></p>
NAC - Bug #3812: Change logic in GroupManger.getGroupKey() to avoid regenerate group key pairs every time.https://redmine.named-data.net/issues/3812?journal_id=234812018-06-15T16:09:40ZAlex Afanasyev
<ul><li><strong>Status</strong> changed from <i>Feedback</i> to <i>Abandoned</i></li></ul>