[Cryptography] What is a secure conversation? (Was: online forums...)
ianG
iang at iang.org
Fri Dec 27 02:03:30 EST 2013
On 26/12/13 22:27 PM, Jerry Leichter wrote:
> On Dec 26, 2013, at 2:40 AM, Tom Mitchell <mitch at niftyegg.com> wrote:
>> One interesting move might be a move to a media and mechanism
>> that has improved security...
> Ah, finally something related to the topic of this list!
>
> I actually addresses this issue a couple of weeks back as a hypothetical. So let's think about it: Just what *would* a "more secure" version of this discussion (ignoring the actual technology) look like? Keep in mind that, by design, anyone can join by sending a simple request to the moderator. They'll promptly receive copies of all messages. Given this, what's your threat model?
Yes, indeed, I think this is an important problem, and I've not ever
come across a comfortable solution.
Content. As anyone can join, the content isn't that important. A mild
form of security comes from knowing what the list is called.
This might also be improved by having an invite practice, so even if you
know that there is a list "NewWorldConspirers" there is more of a
barrier to getting to it.
Another issue with content is having it escrowed. Does it sit on the
laptop mail client forever? Or can we put a timer in that wipes it?
Metadata. Who is on the list? This could be considered valuable
information (and it is what the big data organisations treasure).
Who said what? If all the posters are benign, and one calls for
worldwide cryptographic jihad, the attacker wants details on the
target... perhaps to offer her a job, privately.
Which leads to an obvious split in individual protections: anonymous or
psuedonymous? That is, is each post by Alice recognisably from her, or
is each post unlinked?
Moderator. We should really model the moderator as an attacker. Call
her Trinity as a ttp. What happens if she starts drifting the
conversation towards ... oh, encouraging the IETF to standardise on
DUAL_EC? Her easy attack is to drop posts, so we might want to browse
that which was censored.
Trinity might also start mitm'ing, by actively sending messages out to
people that don't go to others. So we might want to know that all
messages got to everyone, and no selective conversations are happening.
iang
More information about the cryptography
mailing list