[Cryptography] What is a secure conversation? (Was: online forums...)

ianG iang at iang.org
Fri Dec 27 02:03:30 EST 2013 

On 26/12/13 22:27 PM, Jerry Leichter wrote:
> On Dec 26, 2013, at 2:40 AM, Tom Mitchell <mitch at niftyegg.com> wrote:
>> One interesting move might be a move to a media and mechanism
>> that has improved security...
> Ah, finally something related to the topic of this list!
>
> I actually addresses this issue a couple of weeks back as a hypothetical.  So let's think about it:  Just what *would* a "more secure" version of this discussion (ignoring the actual technology) look like?  Keep in mind that, by design, anyone can join by sending a simple request to the moderator.  They'll promptly receive copies of all messages.  Given this, what's your threat model?



Yes, indeed, I think this is an important problem, and I've not ever 
come across a comfortable solution.



Content.  As anyone can join, the content isn't that important.  A mild 
form of security comes from knowing what the list is called.

This might also be improved by having an invite practice, so even if you 
know that there is a list "NewWorldConspirers" there is more of a 
barrier to getting to it.

Another issue with content is having it escrowed.  Does it sit on the 
laptop mail client forever?  Or can we put a timer in that wipes it?



Metadata.  Who is on the list?  This could be considered valuable 
information (and it is what the big data organisations treasure).

Who said what?  If all the posters are benign, and one calls for 
worldwide cryptographic jihad, the attacker wants details on the 
target...  perhaps to offer her a job, privately.

Which leads to an obvious split in individual protections:  anonymous or 
psuedonymous?  That is, is each post by Alice recognisably from her, or 
is each post unlinked?



Moderator.  We should really model the moderator as an attacker.  Call 
her Trinity as a ttp.  What happens if she starts drifting the 
conversation towards ... oh, encouraging the IETF to standardise on 
DUAL_EC?  Her easy attack is to drop posts, so we might want to browse 
that which was censored.

Trinity might also start mitm'ing, by actively sending messages out to 
people that don't go to others.  So we might want to know that all 
messages got to everyone, and no selective conversations are happening.





iang

More information about the cryptography mailing list