[Cryptography] Email and IM are ideal candidates for mix networks

Bill Frantz frantz at pwpconsult.com
Fri Sep 6 00:03:28 EDT 2013


On 8/25/13 at 8:32 PM, leichter at lrw.com (Jerry Leichter) wrote:

>*The* biggest headache is HTTP support.  Even the simplest 
>modern HTTP server is so complex you can never be reasonably 
>sure it's secure (though, granted, it's simpler than a 
>browser!)  You'd want to stay simple and primitive.

I'm currently over 250 messages behind, so please pardon me if 
this item has already been mentioned.

Back in 2009, Charlie Landau and I worked on a DARPA contract to 
demonstrate a secure web key server[1]. We used CAPROS[2] as the 
underlying operating system and built an HTTP interpreter to act 
as the server. The system is GPL and the source for the web key 
server is available on Sourceforge[3].

Charlie comments that the IDL files are quite useful, but there 
really isn't any documentation. Let me give a brief overview:

When a new TCP connection arrives, a new instance of the web key 
server is created. It cannot communicate with any other 
instance of the web key server, and the only real authority it 
has, beyond sending and receiving on the TCP circuit, is to a 
name lookup system.

This name lookup system takes a string -- the secret part of the 
web key -- and returns a resource. The web key server then 
returns the contents of that resource to the requestor.

Since the name lookup system does not allow enumeration of its 
contents, even if an instance of the web key server is 
compromised, an attacker will still have to guess the secret 
part of the web key to retrieve authorities from the name lookup system.

Cheers - Bill

[1] Web key: <http://waterken.sourceforge.net/web-key/>

[2] <http://www.capros.org/>, <http://capros.sourceforge.net/>

[3] <http://sourceforge.net/projects/capros/>

-----------------------------------------------------------------------
Bill Frantz        | Truth and love must prevail  | Periwinkle
(408)356-8506      | over lies and hate.          | 16345 Englewood Ave
www.pwpconsult.com |               - Vaclav Havel | Los Gatos, CA 95032
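
The design described in the message above, modelled as an added sketch (not part of the original post and not the CAPROS code): each connection gets a fresh instance whose only authority is a lookup function that cannot enumerate. The class names, the `/k/<secret>` URL layout and the hashed index are assumptions of this sketch; in CAPROS the isolation is enforced by the operating system, whereas Python only models it by convention.

```python
import hashlib
import secrets


class NameLookup:
    """Maps the secret part of a web key to a resource. No listing method exists."""

    def __init__(self):
        # Indexed by SHA-256 of the secret, so the table never holds raw secrets.
        self._table = {}

    def mint(self, resource):
        """Owner-side operation: store a resource and return its unguessable secret."""
        secret = secrets.token_urlsafe(32)  # 256 bits from the OS CSPRNG
        self._table[hashlib.sha256(secret.encode()).digest()] = resource
        return secret

    def lookup_capability(self):
        """Hand out lookup-only authority: the holder can neither list nor mint."""
        table = self._table

        def lookup(secret):
            return table.get(hashlib.sha256(secret.encode()).digest())

        return lookup


class ConnectionInstance:
    """One per TCP connection; shares no state with any other instance."""

    def __init__(self, lookup):
        self._lookup = lookup  # the only authority besides the connection itself

    def handle(self, request_line):
        parts = request_line.split()
        if len(parts) != 3 or parts[0] != "GET":
            return 400, b""
        path = parts[1]
        if not path.startswith("/k/"):  # assumed URL layout for this sketch
            return 404, b""
        resource = self._lookup(path[3:])
        # A wrong secret and an unknown path get the same answer.
        return (404, b"") if resource is None else (200, resource)


def serve(names, request_line):
    """Create a fresh instance for the connection, as the message describes."""
    return ConnectionInstance(names.lookup_capability()).handle(request_line)
```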


