MT Server-Client Communication encrypted ?

[Astrobe]

The communication should be encrypted as it avoids MITM attacks, but in real terms it's not going to be that big of an issue as Minetest isn't that common and becoming a MITM is hard without being on the same network.

I believe people playing over WIFI could be in that situation (honeypot WIFI hotspots). But what would be the point anyway? There's no micro-payment, there's no precious account credentials... Being MITM'd in the context of Minetest would almost be an honor: you have skilled enemies.

[Linuxdirk]

But what would be the point anyway?

You have the permissions of the user account running Minetest. You could then sneak in a server-sent client-side mod farming your favorite crypto currency in the RAM of the user (pretty much limited because of LuaJIT’s memory limit but still a possible attack vector). Then have the mod send the result back to the server but grab the packets and redirect the result to your machine. Multiply by Minetest players worldwide.

Or try to break out of the sandbox (the used LuaJIT version is several years old) and run arbitrary code in user context.

[Vapalus]

Of course nobody would take risks for nothing. If you refuse to go beyond this argument level, there's no point in talking.

There is people who take risks for nothing.
This is why women live longer than men.

Please someone at least attack my argument on the overhead encryption introduces.

CryptoPP::AES::Encryption aesEncryption(key, CryptoPP::AES::DEFAULT_KEYLENGTH);
CryptoPP::CBC_Mode_ExternalCipher::Encryption cbcEncryption( aesEncryption, iv );

CryptoPP::StreamTransformationFilter stfEncryptor(cbcEncryption, new CryptoPP::StringSink( ciphertext ) );
stfEncryptor.Put( reinterpret_cast<const unsigned char*>( plaintext.c_str() ), plaintext.length() + 1 );
stfEncryptor.MessageEnd();

Done.

Also, this one is one of the more complicated examples.

[sfan5]

Reminder that encryption without authentication is useless.
If you don't add something like TLS certificates, MITM is still equally possible.

the used LuaJIT version is several years old

source?

CryptoPP::AES::Encryption aesEncryption(key, CryptoPP::AES::DEFAULT_KEYLENGTH);
CryptoPP::CBC_Mode_ExternalCipher::Encryption cbcEncryption( aesEncryption, iv );

CryptoPP::StreamTransformationFilter stfEncryptor(cbcEncryption, new CryptoPP::StringSink( ciphertext ) );
stfEncryptor.Put( reinterpret_cast<const unsigned char*>( plaintext.c_str() ), plaintext.length() + 1 );
stfEncryptor.MessageEnd();

Done.
Also, this one is one of the more complicated examples.

AES-CBC, no MAC (or AEAD). Congratulations, you fail.

Besides, Astrobe was talking about the size overhead of encryption, not its implementation.

[Linuxdirk]

the used LuaJIT version is several years old

source?

“we are using latest 5.1.4 which is 4 years old” - nerzul on Github.

https://github.com/minetest/minetest/is ... -359457813

[sfan5]

“we are using latest 5.1.4 which is 4 years old” - nerzul on Github.

https://github.com/minetest/minetest/is ... -359457813

This is the version of the imported Lua codebase we have in Minetest, not LuaJIT.
Most builds, including the official Windows ones, use LuaJIT 2.1.0-beta3 which was released in May last year.

[Linuxdirk]

Mmmh, okay ... Then the used Lua version is several years old. That changes the attack vector but does not close it.