[Cryptography] Email and IM are ideal candidates for mix networks
Perry E. Metzger
perry at piermont.com
Mon Aug 26 14:44:32 EDT 2013
On Mon, 26 Aug 2013 10:40:17 -0700 Ray Dillinger <bear at sonic.net>
wrote:
> On 08/25/2013 03:28 PM, Perry E. Metzger wrote:
>
> > So, imagine that we have the situation described by part 1 (some
> > universal system for mapping name at domain type identifiers into
> > keys with reasonable trust) and part 2 (most users having some
> > sort of long lived $40 device attached to their home network to
> > act as a "home server".)
>
> My main issue with this proposal is that somebody identifiable is
> going to manufacture these boxes. Maybe several somebodies, but
> IMO, that's an identifiable central point of control/failure.
One can use a commercial PC if one wants to install on one's own, or
any one of many manufacturers of small boxes. It is certainly the case
that the hardware layer can be attacked, all is lost. On the other
hand, if we presume supply chain attacks, all is lost anyway -- once
you control the computer, the protocols it is running don't matter.
Even keyboards can be suborned -- see Gaurav Shah's work on that, for
example.
I would prefer not to try to solve that problem right now -- it is
too broad and too general. If others can solve it, that's of course a
great thing. :)
Perry
--
Perry E. Metzger perry at piermont.com
More information about the cryptography
mailing list