Dear Tor community,

I came across this message [1] about Shari Steele wanting to bring Tor to the mainstream. I humbly believe I have something that might assist her in this quest. I call it Eccentric Authentication.

Philosophical:

The Eccentric Authentication protocol is designed for situations where people - who haven't met each other - exchange public keys in a verifiable way. This happens in public. It's the opposite of a darknet protocol where people can only communicate after being introduced.

In short:

1. Eccentric Authentication is a protocol between a site and its users.
2. The site acts as a platform where people get introduced to each other.
3. As part of the introduction process, the user agents of each of the participants verify that there is no Man-in-the-Middle active.
4. Once verified, the users can each create a Tor hidden service and send the address and port number in an encrypted message to the other. If the other person is interested, they can connect to the hidden service and reach the first person.

The first three steps happen in the open. It's where the introductions get done. The last step is where people set up encrypted tunnels through Tor to connect in private. What they send over the tunnel is up to them.

For example:

A blog site lets people post blog messages. After signing up, bloggers sign these messages using their private key. Each user has their own private key(s), at least one for each site. Readers who come across the site can read anonymously and verify the message signatures. If an anonymous reader would like to respond in public, they sign up for an account and they too sign their messages before publication. If either the blogger or the responder wishes to send a private message, they can use the other person's public key after validating that there is no MitM. Message transport goes through the site. After a few round trips of messages, there is certainty that there is no MitM. They can now create their Tor tunnels and send the details to the other.

Privacy:

Participants can stay as anonymous as they wish. It's only the site that needs a public identity. The users participate without providing any personal information, not even a name or an email address or other long-lived contact mechanism. A client certificate is all that's needed. The site runs its own CA and signs the client certificates for the users. The users' client certificates are devoid of personal information. All that's needed to sign up is a fresh key pair and a chosen nickname. There is no need to sign up with an email address or other identity. There is no way to contact that user if they destroy the private key to that certificate. The user stays in control. If people create a fresh hidden service for each introduction, they have complete control over when the other can contact them. This might be very useful at a dating site, where one would be able to break off all communication from an individual by destroying that hidden service endpoint.

About metadata:

Anything that people do on blogs is signed with their certificates. This is public data. However, each user creates a fresh public key and a new nickname for each site. There is no easy linking of identities between disjunct sites. As the initial message exchange between two strangers goes via the site, it can log this. As such, there is a correlation between sending private messages through the site and the creation of Tor tunnels. This means it's very unlikely for people who haven't sent a private message through the site to be communicating with each other. This might be mitigated a bit by probabilistic sending of chaff messages that look like real traffic. However, the bulk of the interesting traffic flows via hidden services, out of sight of anyone, including the site. But again, this protocol is designed for people to participate in public yet communicate in private.

There are a lot of technical details. For those and other use cases of Eccentric Authentication, please visit my site: Eccentric-Authentication.org.

With regards, Guido Witmond.

[1] http://www.dailydot.com/politics/shari-steele-tor-project-eff/
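The blog example above has three mechanical parts: a site that acts as its own CA and issues client certificates carrying nothing but a nickname, users who sign their public posts with a per-site key, and readers who verify those signatures without identifying themselves. The following Go program, added here as an illustration and not code from the post or from Eccentric-Authentication.org, walks through those parts with the standard library only. The names (`NewSite`, `NewUser`, `VerifyPost`, `PeerSawMe`), the choice of ECDSA P-256, the rule that the site binds each nickname to exactly one certificate, and the form of the MitM check (each side echoes the fingerprint of the peer certificate it received, and the peer compares it with its own) are all assumptions made for the example; the post describes the round trips but not their exact contents.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// Site is the blog platform. It runs its own CA and learns nothing about a user but a nickname.
type Site struct {
	caKey  *ecdsa.PrivateKey
	CACert *x509.Certificate
	taken  map[string]bool // nicknames already bound to a certificate (assumed policy: one each)
}

// User holds a key pair generated on the user's side and the client certificate the site signed.
type User struct {
	key  *ecdsa.PrivateKey
	Cert *x509.Certificate
}

// issue signs tmpl with signer's key and parses the result back into a certificate.
func issue(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, signer *ecdsa.PrivateKey) (*x509.Certificate, error) {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// NewSite creates the site's self-signed CA: the one party in the protocol with a public identity.
func NewSite(name string) (*Site, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: name},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(365 * 24 * time.Hour),
		IsCA: true, BasicConstraintsValid: true, KeyUsage: x509.KeyUsageCertSign,
	}
	ca, err := issue(tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return &Site{caKey: key, CACert: ca, taken: map[string]bool{}}, nil
}

// NewUser is the sign-up: a fresh key pair and a chosen nickname, no e-mail address or name.
func NewUser(site *Site, nick string) (*User, error) {
	if site.taken[nick] {
		return nil, fmt.Errorf("nickname %q is already bound to a certificate", nick)
	}
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(int64(len(site.taken) + 2)), Subject: pkix.Name{CommonName: nick},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(365 * 24 * time.Hour),
		KeyUsage: x509.KeyUsageDigitalSignature, ExtKeyUsage: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	}
	cert, err := issue(tmpl, site.CACert, &key.PublicKey, site.caKey)
	if err != nil {
		return nil, err
	}
	site.taken[nick] = true
	return &User{key: key, Cert: cert}, nil
}

// Sign produces the signature a blogger attaches to a public post (ECDSA over SHA-256 of the body).
func (u *User) Sign(body string) ([]byte, error) {
	h := sha256.Sum256([]byte(body))
	return ecdsa.SignASN1(rand.Reader, u.key, h[:])
}

// VerifyPost is the anonymous reader's check: the attached certificate must chain to the site's
// CA and the signature must cover the body. It returns the nickname the certificate vouches for.
func VerifyPost(ca *x509.Certificate, certDER []byte, body string, sig []byte) (string, error) {
	cert, err := x509.ParseCertificate(certDER)
	if err != nil {
		return "", err
	}
	roots := x509.NewCertPool()
	roots.AddCert(ca)
	opts := x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth}}
	if _, err := cert.Verify(opts); err != nil {
		return "", fmt.Errorf("certificate was not issued by this site's CA: %w", err)
	}
	if err := cert.CheckSignature(x509.ECDSAWithSHA256, []byte(body), sig); err != nil {
		return "", fmt.Errorf("signature does not match body: %w", err)
	}
	return cert.Subject.CommonName, nil
}

// Fingerprint pins a certificate exactly as one side received it.
func Fingerprint(certDER []byte) [32]byte { return sha256.Sum256(certDER) }

// PeerSawMe is one round of the MitM check (an assumed form; the post does not spell it out): the
// other party echoes the fingerprint of the certificate they received for me, which must be mine.
func (u *User) PeerSawMe(echoed [32]byte) bool { return echoed == Fingerprint(u.Cert.Raw) }
```

Two properties of the post's design fall out of this directly. A reader needs only the site's CA certificate to check any post, and the nickname is whatever the certificate says, so the site cannot quietly present a second "alice" to readers without issuing a second certificate for that name, which `NewUser` refuses. And because a certificate issued by a different CA fails `Verify` before the signature is even examined, a substituted key pair is caught at the reader, and the echoed fingerprint lets the two participants catch it on their side as well.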
-- tor-talk mailing list - tor-talk@xxxxxxxxxxxxxxxxxxxx To unsubscribe or change other settings go to https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk