Bitcoin Forum
October 15, 2019, 10:43:36 AM *
News: Latest Bitcoin Core release: 0.18.1 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Centralized but anonymous? Layered encryption? message laundering?  (Read 545 times)
greBit
Hero Member
*****
Offline Offline

Activity: 714
Merit: 500


View Profile
June 04, 2013, 01:18:57 AM
 #1

Just hoping for some feedback and discussion about an idea i've had at the back of my mind...

TLDR; Tor/i2p replacement for next-gen anonymous web & mobile apps. Rich clients. Dumb cloud.


Technologies such as Tor and I2P are unquestionably awesome and can save lives. But for the casual user, who is just concerned about their privacy (lower threat model), and wants to make use of hidden services, having to download extra software is a bit of a pain.

Instead of navigating to an Onion site, wouldn't it be nicer to just execute an open-source 'SilkStreet' chrome/firefox web app?

Could some communications infrastructure (some simple API) be built which would allow users to:
  • Send a message to the world (Publish)
  • Send a message to another (DM)

Just having these 2 simple primitives to allow one to publish and inter-communicate, freely and anonymously, via web technologies, would be very useful.

Advantages:
  • The complexity happens at the client side, where the code can be audited easily and trusted.
  • The communications protocol, supported by distrusted central entities, would be simple. The scope for harm caused by malicious servers is limited.

So my question is, can you envisage some protocol for achieving this, when:

  • All users of the system are restricted to running in-browser apps - HTML5/Javascript
  • We have one central server, S, who could be malicious, who examines the content of all messages
  • S provides a store-and-forward service.
  • Each user maintains a persistant connection with S
  • To Publish or DM, a user must send the message to S, who will subsequently forward it on to the final destination
  • Each user will have a key pair (Pub,Priv)
  • A user's Pub key also acts as an endpoint for addressing direct messages

I was thinking that through a clever application of cryptography, this ought to be entirely possible.

We could model a strongly connected graph of users, over the underlying centralized topology. Where we must assume that at every edge, S has a wiretap, reading and possibly injecting messages!

Could we 'launder' a message, with layered encryption, so that instead of Alice talking directly to Bob. She constructs a layered (tor-like) message that gets relayed through multiple users before reaching Bob? Thus hiding the author and recipient of a message? Each time a message is relayed, it appears completely different to S who cannot directly relate it to previous messages.

But S could perform timing attacks....

I will write a more coherent proposed solution tomorrow!
1571136216
Hero Member
*
Offline Offline

Posts: 1571136216

View Profile Personal Message (Offline)

Ignore
1571136216
Reply with quote  #2

1571136216
Report to moderator
1571136216
Hero Member
*
Offline Offline

Posts: 1571136216

View Profile Personal Message (Offline)

Ignore
1571136216
Reply with quote  #2

1571136216
Report to moderator
1571136216
Hero Member
*
Offline Offline

Posts: 1571136216

View Profile Personal Message (Offline)

Ignore
1571136216
Reply with quote  #2

1571136216
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1571136216
Hero Member
*
Offline Offline

Posts: 1571136216

View Profile Personal Message (Offline)

Ignore
1571136216
Reply with quote  #2

1571136216
Report to moderator
empoweoqwj
Hero Member
*****
Offline Offline

Activity: 518
Merit: 500


View Profile
June 04, 2013, 03:20:15 AM
 #2

"One central server, S" - really? Kaboom ........
greBit
Hero Member
*****
Offline Offline

Activity: 714
Merit: 500


View Profile
June 04, 2013, 07:21:50 AM
 #3

"One central server, S" - really? Kaboom ........

Kaboom indeed. But if it was a server that did not need to be trusted ...

For example, how are you currently connected to the internet? You have a connection to a centralized ISP who sees every one of your incoming and outgoing packets.

But this does not bother you since the contents of your packets are encrypted and you can chose to be anonymous using tools such as VPNs/Tor/I2P.

I want to do a similar thing but at the application layer in the network stack.
greBit
Hero Member
*****
Offline Offline

Activity: 714
Merit: 500


View Profile
June 04, 2013, 07:22:40 AM
 #4

The link to Bitcoin is a bit tenuous - perhaps the private keys will also be Bitcoin private keys Smiley
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!