LatestVersion: Stable: 0.50a | Beta: 0.50b
 Deutsch English Franšais Hebrew Chinese Traditional Spanish Italian Polish Lithuanian Estonian Danish Swedish Dutch (Netherlands) Portuguese (Brazil) Czech Portuguese - Portuga Russian Catalan Turkish Finnish Romanian Greek Serbian Chinese Simplified 




Get eMule at SourceForge.net. Fast, secure and Free Open Source software downloads


Cuddle eMule
Secure User Identification HelpNAV

Clients in the network are identified by a unique value called user hash. This user hash is stored in the preferences.dat file and is used to grant earned credits with other users.
eMule can use an asymmetric encryption to avoid exploiting or manipulating other users hash values. The method uses a private and a public key to secure the user hash and to ensure a proper identification on other clients.

Secure User Identification can be turned on in Preferences -> Security. It is recommended to use it.

How secure user identification works:

Client A wants to make sure that his credits are safe and only used by him. He creates a private 384 bit RSA key and stores it in the cryptkey.dat file.
This private key is created when the encryption is used for the first time. Losing this key means Client A loses all his credits since he is no longer able to prove that he is the valid owner of them.

When two encryption supporting clients exchange data for the first time they both send a public key together with a random value to their partner. Each stores the other ones key in its clients.met file. Only the key is saved, the random value is generated new each following connection.

Does client A wants to identify himself on client B at a later time he creates a digital signature and sends it to B. This signature is from his private key, the public key of B and a random value. It is valid until client A changes his IP or client B closes eMule.

After receiving A's signature client B checks if it is created from his public key B and the correct random value. If it also fits client A's public key, then client A is correctly identified.

Notes:
> If the cryptkey.dat file is lost or deleted, the preferences.dat file has to be also deleted or no new credits can be collected on already known clients.
> When switching to secure user identification all old, "unsecured" credits will be lost. For security reasons, there is no way to transfer these credits to the secure system.

Applies to version: .29b +
Last update on: 2003-06-20 by Monk


Translate this page Last Update: 20.11.2005 1:12
The GUI
The Preferences
FAQ
General Information
Ports, Firewalls & Router
Servers
Features
 
  Protocol Obfuscation
Searching for Files
Credit System
Secure User Identification
Aggressive Client Ban
Source Exchange
Preview Multimedia Files
Online Signature
IRC Chat
Friends
IP Filters
Categories
Webinterface
Command Line Switches
MuleMRTG
eD2k Links
Source Management
Corruption Handling
Troubleshooting
User Made Guides and FAQs
  Beginner's Guide
Network Guide