Groove, and GAK
Adrian Midgley
Adrian Midgley" <akm at 92tr.freeserve.co.uk
Thu, 8 Feb 2001 20:12:11 -0000
Forwarded
Groove Networks have published some quite detailed backgrounders on
their
peer-to-peer security architecture; worthwhile reading.
http://www.groove.net/feature/security/securitybrief.pdf (short
and
fluffy)
http://www.groove.net/feature/security/ch18.gtml (long and
gnarly)
To summarise: they're using some interesting techniques to secure
Groove
shared space ("distributed virtual object store") and instant
messaging
collaborations, implemented on pretty reputable algorithms
(1536-bit-modulus ElGamal, 192-bit MARC4, HMAC/SHA1 and DH).
There's a Q&A forum (registration required to post), at
http://www.groove.net/forums/categories.gtml?catid=24
In the UK this raises some interesting issues around GAK; because of
its
decentralisation, and because this seems to be the first _consumer_
communications tool with such strong crypto designed for "zero effort,
zero
configuration" security.
-Hugh
hpyle@agora.co.uk