-
Notifications
You must be signed in to change notification settings - Fork 659
Description
I would like to start a discussion about the need for secure connections.
We are using a custom 'Secure sockets (STCP socket class)' implementation that performs EC Diffie–Hellman key exchange and sets up an AES-encrypted stream between two peers using the shared secret.
If I am not missing anything, this approach does nothing but hides the traffic between the two peers.
This seems to me like something we don't need, because the data that flows between the peers is all public information.
Neither does this protect the peers against MITM attacks.
All this at some performance cost of encrypting/decrypting the data. Sure, this may be alleviated on platforms that support hardware AES instructions.
Removing one level of abstraction in the code base may be also an appealing motivation.
To sum it up,
We could replace STCP connections with pure TCP connections.
Reasons for removing STCP:
- looks like it is not needed
- the data that flows through is already publicly available
- removes the performance cost associated with AES crypto
- makes running lightweight nodes on embedded platforms interesting
- simpler network debugging (inspecting the flow on the network)
Reasons for further discussion:
- backward compatibility with clients expecting STCP connections (I already have an idea)
- maybe I am missing some reasons why we need STCP