Post-analysis: what is known about the latest attack on the SKS Keyserver network of crypto key servers

The hackers exploited a feature of the OpenPGP protocol that has been known for more than ten years.

We explain what the issue is and why it cannot be closed.


Network problems

In mid-June, unknown attackers hit the SKS Keyserver network of cryptographic key servers, which is built on the OpenPGP protocol. OpenPGP is an IETF standard (RFC 4880) used to encrypt email and other messages. The SKS network was created thirty years ago to distribute public certificates. Tools that rely on it include GnuPG, which encrypts data and creates digital signatures.

The hackers compromised the certificates of two GnuPG project maintainers, Robert Hansen and Daniel Gillmor. Loading a compromised certificate from a server makes GnuPG fail: the system simply hangs. There is reason to believe that the attackers will not stop and that the number of compromised certificates will only grow. For now, the scale of the problem remains unknown.

The essence of the attack

The hackers took advantage of a weakness in the OpenPGP protocol. The community has known about it for years. An exploit can even be found on GitHub. But so far no one has taken responsibility for closing the "hole" (we discuss the reasons in more detail below).


According to the OpenPGP specification, anyone can add a digital signature to a certificate to vouch for its owner. Moreover, the maximum number of signatures is not regulated in any way. This is where the problem arises: the SKS network allows up to 150 thousand signatures on a single certificate, but GnuPG does not support that number. As a result, GnuPG (like other OpenPGP implementations) hangs when it loads such a certificate.

One user ran an experiment: importing the certificate took about 10 minutes. The certificate carried more than 54 thousand signatures and weighed 17 MB:

$ gpg --homedir=$PWD --recv C4BC2DDB38CCE96485EBE9C2F20691179038E5C6
gpg: key F20691179038E5C6: 4 duplicate signatures removed
gpg: key F20691179038E5C6: 54614 signatures not checked due to missing keys
gpg: key F20691179038E5C6: 4 signatures reordered
gpg: key F20691179038E5C6: public key "Daniel Kahn Gillmor <[email protected]>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg:               imported: 1
$ ls -lh pubring.gpg
-rw-r--r--  1 filippo  staff    17M  2 Jul 16:30 pubring.gpg
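
One way to check a key before importing it, as an added example that is not part of the original article: the Python below walks the RFC 4880 packet headers of a binary (not ASCII-armored) key and counts Signature packets (tag 2). The 1000-signature limit, the function names and the sample key are assumptions constructed for illustration.

```python
SIGNATURE_TAG = 2        # RFC 4880 section 4.3: Signature Packet
MAX_SIGNATURES = 1000    # assumed local policy value, not a GnuPG or SKS limit

def iter_packets(data):
    """Yield (tag, body_length) for each packet in a binary OpenPGP stream."""
    pos = 0
    try:
        while pos < len(data):
            hdr, pos = data[pos], pos + 1
            if not hdr & 0x80:
                raise ValueError(f"not an OpenPGP packet at offset {pos - 1}")
            total = 0
            if hdr & 0x40:                       # new-format header
                tag, partial = hdr & 0x3F, True
                while partial:
                    o1 = data[pos]
                    partial = 224 <= o1 < 255    # partial body length chunk
                    if o1 < 192:
                        n, used = o1, 1
                    elif o1 < 224:
                        n, used = ((o1 - 192) << 8) + data[pos + 1] + 192, 2
                    elif o1 == 255:
                        n, used = int.from_bytes(data[pos + 1:pos + 5], "big"), 5
                    else:
                        n, used = 1 << (o1 & 0x1F), 1
                    pos, total = pos + used + n, total + n
            else:                                # old-format header
                tag, ltype = (hdr >> 2) & 0x0F, hdr & 0x03
                size = 0 if ltype == 3 else 1 << ltype  # type 3: body runs to end
                total = int.from_bytes(data[pos:pos + size], "big") if size else len(data) - pos
                pos += size + total
            if pos > len(data):
                raise IndexError
            yield tag, total
    except IndexError:
        raise ValueError("truncated OpenPGP packet stream") from None

def signature_count(data):
    return sum(1 for tag, _ in iter_packets(data) if tag == SIGNATURE_TAG)

def safe_to_import(data, limit=MAX_SIGNATURES):
    return signature_count(data) <= limit

def constructed_key(n_sigs):
    """Constructed sample with dummy bodies (old- and new-format headers)."""
    key = bytes([0x99, 0x00, 0x04]) + b"\x00" * 4                 # tag 6, old format
    uid = bytes([0xC0 | 13, 5]) + b"alice"                        # tag 13, new format
    sig = bytes([0xC0 | SIGNATURE_TAG, 192, 8]) + b"\x00" * 200   # two-octet length
    return key + uid + sig * n_sigs
```

Only packet headers are read and no signature is verified, so the count stays linear in the file size even for a key with tens of thousands of signatures.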

To make matters worse, OpenPGP key servers do not delete certificate information. This is done so that the chain of all actions performed on certificates can be traced and their substitution prevented. As a result, the compromised elements cannot be removed.

In essence, the SKS network is a large "file server" to which anyone can write data. To illustrate the problem, last year a GitHub user created a file system that stores documents on the network of cryptographic key servers.

Why wasn't the vulnerability closed?

There was no reason to close the vulnerability. Previously, it had not been used for hacker attacks, even though the IT community had long been asking the SKS and OpenPGP developers to pay attention to the problem.

To be fair, it is worth noting that in June they did launch an experimental key server, keys.openpgp.org. It provides protection against this type of attack. However, its database is being populated from scratch, and the server itself is not part of SKS. It will therefore take time before it can be used.


As for the bug in the original system, a complex synchronization mechanism prevents it from being fixed. The key server network was originally written as a proof of concept for Yaron Minsky's doctoral thesis. Moreover, a rather specific language, OCaml, was chosen for the work. According to maintainer Robert Hansen, the code is hard to understand, so only minor fixes are made to it. To change the SKS architecture, it would have to be rewritten from scratch.

In any case, GnuPG does not believe the network will ever be fixed. In a post on GitHub, the developers even wrote that they do not recommend working with SKS Keyserver. In fact, this is one of the main reasons they initiated the move to the new service, keys.openpgp.org. We can only watch how events develop.


Source: www.hab.com
