From 54c6ff1c419fffcb12ae33e45208b6dbe8914c02 Mon Sep 17 00:00:00 2001 From: Matthias Schiffer Date: Sat, 23 Feb 2013 20:16:13 +0100 Subject: Subtract splay time to key refresh interval A random splay time of up to 5 minutes will ensure that simultaneous handshakes with many peers are desynchronized as fast as possible. --- src/config.c | 1 + src/fastd.h | 1 + src/method_aes128_gcm.c | 2 +- src/method_xsalsa20_poly1305.c | 2 +- 4 files changed, 4 insertions(+), 2 deletions(-) diff --git a/src/config.c b/src/config.c index 5bfda15..c866b14 100644 --- a/src/config.c +++ b/src/config.c @@ -114,6 +114,7 @@ static void default_config(fastd_config_t *conf) { conf->method_default = &fastd_method_null; conf->key_valid = 3600; /* 60 minutes */ conf->key_refresh = 3300; /* 55 minutes */ + conf->key_refresh_splay = 300; /* 5 minutes */ #ifdef USE_CRYPTO_AES128CTR conf->crypto_aes128ctr = fastd_crypto_aes128ctr_default; diff --git a/src/fastd.h b/src/fastd.h index 3ebb44f..8b6eb7e 100644 --- a/src/fastd.h +++ b/src/fastd.h @@ -208,6 +208,7 @@ struct fastd_config { char *secret; unsigned key_valid; unsigned key_refresh; + unsigned key_refresh_splay; #ifdef USE_CRYPTO_AES128CTR const fastd_crypto_aes128ctr_t *crypto_aes128ctr; diff --git a/src/method_aes128_gcm.c b/src/method_aes128_gcm.c index 7dfabef..867e873 100644 --- a/src/method_aes128_gcm.c +++ b/src/method_aes128_gcm.c @@ -109,7 +109,7 @@ static fastd_method_session_state_t* method_session_init(fastd_context_t *ctx, u session->valid_till.tv_sec += ctx->conf->key_valid; session->refresh_after = ctx->now; - session->refresh_after.tv_sec += ctx->conf->key_refresh; + session->refresh_after.tv_sec += ctx->conf->key_refresh - fastd_rand(ctx, 0, ctx->conf->key_refresh_splay); fastd_block128_t key; memcpy(key.b, secret, sizeof(fastd_block128_t)); diff --git a/src/method_xsalsa20_poly1305.c b/src/method_xsalsa20_poly1305.c index 655f61b..4cadca9 100644 --- a/src/method_xsalsa20_poly1305.c +++ b/src/method_xsalsa20_poly1305.c @@ -102,7 +102,7 @@ static fastd_method_session_state_t* method_session_init(fastd_context_t *ctx, u session->valid_till.tv_sec += ctx->conf->key_valid; session->refresh_after = ctx->now; - session->refresh_after.tv_sec += ctx->conf->key_refresh; + session->refresh_after.tv_sec += ctx->conf->key_refresh - fastd_rand(ctx, 0, ctx->conf->key_refresh_splay); memcpy(session->key, secret, crypto_secretbox_xsalsa20poly1305_KEYBYTES); -- cgit v1.2.3