open.source/magic-wormhole
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

README: minor improvements

Browse Source
This commit is contained in:
Brian Warner 2016-01-12 15:03:55 -08:00
parent 12816c16d8
commit 59da5d74a2
1 changed files with 9 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
README.md
View File

@ -25,7 +25,7 @@ On OS-X, you may need to install `pip`.
## Motivation ## Motivation
* Moving a file to a friend's machine, when the humans can speak to each * Moving a file to a friend's machine, when the humans can speak to each
other but the computers cannot other (directly) but the computers cannot
* Delivering a properly-random password to a new user via the phone * Delivering a properly-random password to a new user via the phone
* Supplying an SSH public key for future login use * Supplying an SSH public key for future login use
@ -38,8 +38,9 @@ address in the opposite direction, and is even worse for secrets, because
email is unencrypted. Copying files through encrypted email requires email is unencrypted. Copying files through encrypted email requires
bootstrapping a GPG key as well as an email address. Copying files through bootstrapping a GPG key as well as an email address. Copying files through
Dropbox is not secure against the Dropbox server and results in a large URL Dropbox is not secure against the Dropbox server and results in a large URL
that must be transcribed. Using a URL shortener adds an extra step and that must be transcribed. Using a URL shortener adds an extra step, reveals
reveals the URL to the shortening service. the full URL to the shortening service, and leaves a short URL that can be
guessed by outsiders.
Many common use cases start with a human-mediated communication channel, such Many common use cases start with a human-mediated communication channel, such
as IRC, IM, email, a phone call, or a face-to-face conversation. Some of as IRC, IM, email, a phone call, or a face-to-face conversation. Some of
@ -63,11 +64,11 @@ PAKE effectively trades off interaction against offline attacks. The only way
for a network attacker to learn the shared key is to perform a for a network attacker to learn the shared key is to perform a
man-in-the-middle attack during the initial connection attempt, and to man-in-the-middle attack during the initial connection attempt, and to
correctly guess the code being used by both sides. Their chance of doing this correctly guess the code being used by both sides. Their chance of doing this
is inversely proportional to the entropy of the wormhole code. The default is inversely proportional to the entropy of the wormhole code. The default is
(which can be changed) uses 16-bit codes, so for each use of the tool, an to use a 16-bit code (use --code-length= to change this), so for each use of
attacker gets a 1-in-65536 chance of success. As such, users can expect to the tool, an attacker gets a 1-in-65536 chance of success. As such, users can
see many error messages before the attacker has a reasonable chance of expect to see many error messages before the attacker has a reasonable chance
success. of success.
## Timing ## Timing