[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]
Distributed key distribution for use-key-only-once anonymous network (pre-alpha)
Hi, like most here will remember I started experimenting with developing my own anonymous e-mail protocol <home.hccnet.nl/t.j.boschloo/TLBP>, which suffers greatly from the possibility of a malicious remop tagging the key to the e-mail address it sends to. I haven't really stopped thinking about a way around this since I drafted up some alpha specs on my homepage in Februari 2003 and now I am considering ways to distribute use-once-only remailer keys differently.
It will be a great strain on system resources (which my protocol already was anyway due to the huge amount of keys that needs to be stored at each node), but I wonder if any of the readers of this list can help me understand how crowds works. It just sounds like something I could use to distribute the keys.
1) I cannot use a central server where keys are deposited because that central server will be able to target all users and it will only need to team up with a single TLBP node to tag a user.
2) I want TLBP nodes to generate keys all the time and use the network to distribute them in an anonymous way. The stress on the servers seems enormous to me, but since Moore's law still seems to hold it might eventually work in practise I believe.
3) A client that wants to use a TLBP network node just taps into a server and gets a key (at a price in hashcash, I try to use hashcash as specified by Adam Back wherever I think it could be useful). If the key is from the node it got the key from (which is possible if the key got send back and forth between different nodes), it must be discarded by the client. The TLBP nodes need not check for this eventuality.
4) If a client decides to use a key it must be removed from the distributed network, otherwise it can send this key on to a random TLBP node for reuse.
So, I am just making this all up as I am typing, but is this about how crowds works? I tried google, but the link I clicked on was defunct (I should have tried some other links too I guess).
Any comments are welcome, and well, maybe the directory services could use such a distributed protocol somehow. I don't know.
PS1) Of course all keys need to be signed by the node which generated it or it would become trivial to flood the network with bogus disfunct keys!!
PS2) If an echelon like system monitors the network it should be able to see which keys got send on. So maybe it is wise to remove some keys from the network (at the cost of some hashcash) which are never used. Of course it is nearly impossible to protect against Echelon anyways I think (mixminion comes a long way, but combined with Carnivore at the client's ISP it should be possible to break the security a user which such adversaries).
Regards and thanks for sharing,
Thomas J. Boschloo
Den Helder/The Netherlands
--
Using M2, Opera's revolutionary e-mail client: http://www.opera.com/m2/