From 9a1ab5babfa0a6eeb9904400d66b42b6717a4465 Mon Sep 17 00:00:00 2001
From: Duke Leto
Date: Thu, 13 Feb 2020 09:40:40 -0500
Subject: [PATCH] Convert conversation id to a UUID

This UUID is only needed to be unique for any pair of (Alice,Bob) having a conversation. In the future when group chats are supported, we will need them to be unique for all users in the chat. We do not rely on this ID to be globally unique for all Hush chats in any way.

Without a conversation id, Charlie the attacker can attempt to impersonate Alice or Bob if he knows some or all of the zaddrs involved. If the conversation id was predictable, such as the SHA256 hash of both zaddrs, Charlie could predict it if he knew both zaddrs, which is likely to happen in many attack scenarios. If cid had a small number of possible values, the attacker could "grind" all of them and eat the cost of the extra tx fees, so cid must have a large state space.

QUuid gives us essentially a random 128-bit number, which is twice the protection of a random int64.

This mitigation will not be needed once HIP304 and z_signmessage/z_verifymessage are complete, which allow us to have fully authenticated and signed messages from zaddrs.
---
 src/mainwindow.cpp | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/mainwindow.cpp b/src/mainwindow.cpp
index 987d07f..5e85286 100644
--- a/src/mainwindow.cpp
+++ b/src/mainwindow.cpp
@@ -193,8 +193,8 @@ void MainWindow::sendMemo() { //TODO: verify we currently own the private key to this zaddr via z_validateaddress tx.fromAddr = chat.getMyZaddr(); double amount = 0; - //TODO: cid=random int64 or sha256 - QString cid = QString::number( time(NULL) % std::rand() ); // low entropy for testing! + //QString cid = QString::number( time(NULL) % std::rand() ); // low entropy for testing! + QString cid = QUuid::createUuid().toString(QUuid::WithoutBraces); QString hmemo= createHeaderMemo(cid,chat.getMyZaddr()); QString memo = ui->textEdit->toPlainText(); QString addr = contact.getZaddr();
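
Review bot: The new `cid` assignment in `MainWindow::sendMemo()` is, per the commit message, the only barrier against Charlie impersonating a party until signed messages land, so its strength rests entirely on the randomness behind `QUuid::createUuid()`; please confirm that every Qt version this build supports backs that call with the operating system's random source, and say so in a comment next to the line. A random (version 4) UUID fixes 6 bits for the version and variant fields, so the value carries 122 unpredictable bits rather than 128. That is still a large state space, but the description should state the real figure. `QUuid::WithoutBraces` requires Qt 5.11 or newer, and the diffstat shows only these two lines changed, so no `#include <QUuid>` was added; check that the file is not compiling through a transitive include and that the minimum Qt version is documented. Finally, delete the old `time(NULL) % std::rand()` line instead of leaving it commented out: git history already keeps it, and the `TODO: cid=random int64 or sha256` it replaced is gone, so the leftover comment only leaves a low-entropy generator one uncomment away.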