net.i2p.router.tunnel
Class BloomFilterIVValidator
java.lang.Object
net.i2p.router.tunnel.BloomFilterIVValidator
- All Implemented Interfaces:
- IVValidator
class BloomFilterIVValidator
- extends Object
- implements IVValidator
Manage the IV validation for all of the router's tunnels by way of a big
decaying bloom filter.
Method Summary
void destroy()
boolean receiveIV(byte[] ivData, int ivOffset, byte[] payload, int payloadOffset)
    Receive the IV for the tunnel message, returning true if it is valid,
    or false if it has already been used (or is otherwise invalid).
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
BloomFilterIVValidator
public BloomFilterIVValidator(RouterContext ctx,
int KBps)
receiveIV
public boolean receiveIV(byte[] ivData,
int ivOffset,
byte[] payload,
int payloadOffset)
- Description copied from interface: IVValidator
- Receive the IV for the tunnel message, returning true if it is valid,
or false if it has already been used (or is otherwise invalid). To
prevent colluding attackers from successfully tagging the tunnel by
switching the IV and the first block of the message, the validator should
treat the XOR of the IV and the first block as the unique identifier,
not the IV alone (since the tunnel is encrypted via AES/CBC). Thanks to
dvorak for pointing out that tagging attack!
- Specified by: receiveIV in interface IVValidator
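The XOR-keyed check described for receiveIV, as an added example that is not I2P's own code: an exact HashSet stands in for the decaying Bloom filter, and the class name XorIVValidatorDemo, the 16-byte block length and the sample bytes are assumptions made for the illustration.

```java
import java.nio.ByteBuffer;
import java.util.Arrays;
import java.util.HashSet;
import java.util.Set;

/** Added illustration; not I2P's BloomFilterIVValidator. */
public class XorIVValidatorDemo {
    private static final int BLOCK = 16; // AES block size, assumed to be the IV length too

    // Assumption: an exact set replaces the decaying Bloom filter, so nothing ever expires.
    private final Set<ByteBuffer> seen = new HashSet<>();

    /** Same parameter list as receiveIV on this page. */
    public boolean receiveIV(byte[] ivData, int ivOffset, byte[] payload, int payloadOffset) {
        if (ivData == null || payload == null || ivOffset < 0 || payloadOffset < 0
                || ivData.length - ivOffset < BLOCK || payload.length - payloadOffset < BLOCK)
            return false; // too short to hold an IV and a first block: treat as invalid
        byte[] id = new byte[BLOCK];
        for (int i = 0; i < BLOCK; i++)
            id[i] = (byte) (ivData[ivOffset + i] ^ payload[payloadOffset + i]);
        // Set.add returns false when the identifier is already present, i.e. a replay.
        return seen.add(ByteBuffer.wrap(id));
    }

    public static void main(String[] args) {
        // Constructed sample values, not real tunnel data.
        byte[] iv = new byte[BLOCK];
        byte[] payload = new byte[2 * BLOCK];
        for (int i = 0; i < BLOCK; i++) {
            iv[i] = (byte) (i + 1);
            payload[i] = (byte) (0xA0 + i);
        }
        XorIVValidatorDemo v = new XorIVValidatorDemo();
        System.out.println("first sight:      " + v.receiveIV(iv, 0, payload, 0));
        System.out.println("exact replay:     " + v.receiveIV(iv, 0, payload, 0));

        // The swap the description warns about: first block sent as IV, IV sent as first block.
        byte[] swappedIv = Arrays.copyOfRange(payload, 0, BLOCK);
        byte[] swappedPayload = payload.clone();
        System.arraycopy(iv, 0, swappedPayload, 0, BLOCK);
        // An IV-only check would see an unseen IV here; the XOR identifier is unchanged.
        System.out.println("IV/block swapped: " + v.receiveIV(swappedIv, 0, swappedPayload, 0));
        System.out.println("short payload:    " + v.receiveIV(iv, 0, new byte[4], 0));
    }
}
```

Because XOR is commutative, the swapped message maps to the same identifier as the original and is rejected as a replay.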
destroy
public void destroy()