Assignment Security
This document describes the mechanism used to secure assignments of client to work server (WS) by the assignment server (AS) and client to work unit (WU) by the WS.
Work Server Secure Assignment
A secure assignment token is used to ensure that WS assignments are not forgeable, cannot be duplicated or reused, and cannot be used on other WSs or by other users. This ensures clients must go to the AS for WS assignment and prevents cherry-picking high-value WUs. Users could still create new user IDs in order to cherry-pick, but bonuses, given to client IDs in good standing, can be used to make this unprofitable.
Assignment Token Format
The assignment token is a 64-bit number that is included in the AssignmentToken packet returned to the client by the AS. The client then forwards this token to the WS via the WSClientPacket. The 64-bit size was imposed because this data is already blindly copied from the AS to the WS by existing clients. Decoded assignment tokens contain the assigned project ID and assignment time.
Decode(token) = [16-bit project ID][48-bit unix time]
Token Validation
The WS stores recently used assignment tokens in a hash table. When a client presents an assignment token, the WS follows this procedure:
1. Assignment is rejected if the token is in the recent tokens table.
2. Token is decoded.
3. Assignment is rejected if the timestamp is too old.
4. Token is added to the recent tokens table.
5. A WU from the assigned project is assigned.
The recent tokens table can be cleaned periodically to prevent unbounded growth.
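The validation procedure and table cleanup above, as an added sketch that is not the project's own code. Decryption under the client's key is passed in as a callable; the XOR stand-in, the `max_age` and `max_skew` values, and the rejection of future timestamps are assumptions made for this example.

```python
import time

TIME_BITS = 48
TIME_MASK = (1 << TIME_BITS) - 1

def pack(project_id, unix_time):
    """Plaintext layout from the page: [16-bit project ID][48-bit unix time]."""
    return ((project_id & 0xFFFF) << TIME_BITS) | (unix_time & TIME_MASK)

def unpack(plain):
    return plain >> TIME_BITS, plain & TIME_MASK

class TokenValidator:
    def __init__(self, decrypt, max_age=300, max_skew=30):
        self.decrypt = decrypt    # 64-bit int -> 64-bit int (Blowfish on a real WS)
        self.max_age = max_age    # assumed value; the page only says "too old"
        self.max_skew = max_skew  # assumption: timestamps ahead of the clock are refused too
        self.recent = {}          # encrypted token -> decoded timestamp

    def validate(self, token, now=None):
        """Return the assigned project ID, or None if the token is rejected."""
        now = int(time.time()) if now is None else now
        if token in self.recent:                      # step 1: already used
            return None
        project_id, ts = unpack(self.decrypt(token))  # step 2: decode
        # Step 3. Any 64-bit value decodes to *something*, so the timestamp
        # window is the only validity check on the decoded contents.
        if ts < now - self.max_age or ts > now + self.max_skew:
            return None
        self.recent[token] = ts                       # step 4: remember it
        return project_id                             # step 5: caller picks a WU

    def clean(self, now=None):
        """Evict entries whose timestamp has expired; step 3 rejects them anyway."""
        now = int(time.time()) if now is None else now
        cutoff = now - self.max_age
        self.recent = {t: ts for t, ts in self.recent.items() if ts >= cutoff}
        return len(self.recent)

# Stand-in for the demo only: XOR with a constant is NOT Blowfish and not secure.
DEMO_KEY = 0x0123456789ABCDEF
def demo_crypt(block):
    return block ^ DEMO_KEY

if __name__ == "__main__":
    t0 = 1_700_000_000                      # constructed sample time
    tok = demo_crypt(pack(1234, t0))
    ws = TokenValidator(demo_crypt)
    print(ws.validate(tok, now=t0 + 10))    # accepted
    print(ws.validate(tok, now=t0 + 10))    # replay rejected
```

Because an evicted token is also past its age limit, cleaning the table never reopens a replay window as long as eviction uses the same `max_age` as validation.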
Assignment Token Encoding
Tokens are encoded and decoded using the Blowfish CBC block cipher. The Blowfish block size is 64 bits, which exactly matches the assignment token size. The 128-bit encryption key is computed as follows:
Hash = SHA256(<secret> + <32-bit WS IP> + <64-bit CPU ID> + <passkey>)
Key = ((Hash >> 128) | Hash) & 0xffffffffffffffff
The <secret> is a random value generated by the WS and shared with the AS. It is infeasible to compute the hash, and thus the encryption key, without the shared secret. The contents of the hash ensure that an assignment is only valid for the given WS, CPU ID (unique ID assigned to the user by the AS) and passkey.
Work Unit Secure Assignment
The WU Secure Assignment (SA) is a 192-byte block of data which records all of the pertinent assignment information. This data is encrypted and can only be decrypted by the WS or CS. The Blowfish CBC block cipher is used. Random keys are generated by the AS and associated with a key index. The assignment keys and key indices are shared with the CS so that the CS can accept WU results.
[WS] -> <assignment key> + <key index> -> [CS]
WU assignments sent to the client contain the SA plus the index of the key used to encrypt the SA. When the core signs the WU results it also signs the key index and SA. The client then returns the SA to either the WS or CS. The WS or CS then decrypts the SA and checks that the assignment matches the data returned by the client and that it is valid.
WU = [Client header][Core header <key index><SA>][WU data]
This scheme ensures that WU assignments cannot be forged and that the CS and WS can accept assignments without keeping track of past assignments. This, however, makes it possible to return WUs to both the WS and CS for credit. This is resolved by removing duplicate credits in the stats system.