[Cryptography] The Mesh

Phillip Hallam-Baker phill at hallambaker.com
Thu Jul 9 19:32:55 EDT 2015


On Thu, Jul 9, 2015 at 5:50 PM, Ralf Senderek <crypto at senderek.ie> wrote:

> On Thu, 9 Jul 2015 15:12:25 Phillip Hallam-Baker wrote:
>
>> The mesh is designed to be an untrusted service that can support secure
>> exchange of any sort of data through end-to-end encryption.
>>
>
> If the mesh is designed to ease a user's eminent pain ("remembering the
> user names at all the 100s of Web sites they use") how does it work?
> Is there any pointer you can give us? And how do you solve the
> key management problem, practically?
>
>    --ralf
>

It is currently a 'work in progress' which means that currently I have
three parts that all work on their own that I am trying to bash into one.
This is down from six modules three weeks ago.

The basic idea is that every user has their own personal PKI. At the moment
I am using X.509 but it could just as easily use JSON, XML or whatever.

Each user has a personal profile which contains exactly one personal master
signing key which serves as a permanent root of trust. Every cert in the
user's personal PKI will ultimately chain to this root. The root has a UDF
fingerprint, for example: MB2GK-6DUF5-YGYYL-JNY5E-RWSHZ-SV75J

[https://tools.ietf.org/html/draft-hallambaker-udf-00 has the details of
UDF; it's basically just a generalization of PGP fingerprints using base32
encoding with some features to prevent data type substitution attacks]


So the key point of this scheme is that when a device tells the user that
its root of trust is MB2GK-6DUF5-YGYYL-JNY5E-RWSHZ-SV75J, they know that
either that device is lying (i.e. the device is compromised) or it is under
the user's trust profile.


Every device also has a device profile that contains a device signing key,
a device encryption key and a device authentication key. These would
typically last the lifetime of the device.

So to join a device to a personal profile what the user sees is:

* They run the profile manager on the new device, they give their mesh
account id.
* The device gives the UDF fingerprint of the profile, they check it is
MB2GK-6DUF5-YGYYL-JNY5E-RWSHZ-SV75J
* The user then goes to a device they authorized as an administration
device for their profile, there will be a message waiting telling them that
such and such a device is trying to connect. If they approve the
connection, they can then select the applications they want to enable for
that device.
* They go back to their device, it is now working with the specified
applications.


The mesh does not do any cryptography at all, it is just a dropbox for
exchanging small quantities of crypto info. So in the above example, the
admin machine pulls the S/MIME and OpenPGP decryption keys that the device
is going to need to read emails and encrypts them under the device key and
uploads the profile to the mesh.


Note that this is not just configuring crypto. It can configure account
network connections as well.

Let's say someone is using mail on their admin device. And for the sake of
demonstration, let's say it is Windows Live Mail. The current code will
slurp up the configuration info from the app. Then it will ask which
account the user wants to enable (if there is more than one).

The tool will then automatically pull the network connectivity info from
Livemail, create S/MIME signing and encryption certs and configure LiveMail
to use them. And the user does not need to do anything.

OK so now the user buys an Apple Ring (oh you know that's what is next after
the watch), they connect it to their profile, include mail in the apps it
is enabled for and it is now configured to do email. The SMTP and IMAP
servers are set up, S/MIME, everything.


So don't think of this just as a way to manage crypto. It can be used to
share any sort of application profile. Though it's a pretty poor profile
that doesn't have crypto. You can have a network profile with your DNS
resolvers and protocols, VPN info, etc. You can have a Jabber profile,
password manager, SSH, pretty much anything you like.

There are proprietary schemes that do something of the sort of course. But
they are intentionally non-interoperable. I can't easily exchange my Chrome
bookmarks with Firefox for example. Chrome does not support the bookmarks
of the Google toolbar.
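The two properties the post leans on, a content-type-bound fingerprint (so a key fingerprint cannot be passed off as the fingerprint of some other object) and the user checking that fingerprint against the value a new device reports, as an added illustration that is not code from the post or from the UDF draft. The hashing layout, version byte, content-type labels and key bytes are assumptions chosen for the example, not the draft's exact encoding.

```python
import base64
import hashlib
import hmac

# Assumed version byte marking "SHA-2-512 based fingerprint" (illustrative, not the draft's value).
VERSION_BYTE = b"\x60"
# Six groups of five base32 characters, the shape of the fingerprint quoted in the post.
FINGERPRINT_CHARS = 30

# Constructed stand-in for the DER bytes of a personal master signing key.
SAMPLE_KEY = b"\x30\x59\x30\x13\x06\x07\x2a\x86\x48\xce\x3d\x02\x01" + bytes(range(64))


def udf_style_fingerprint(content_type: str, data: bytes, chars: int = FINGERPRINT_CHARS) -> str:
    """Fingerprint = base32(version || H(content_type ':' H(data))), truncated and grouped.

    Hashing the content type into the outer digest is what blocks data type
    substitution: the same bytes labelled as a different object type produce an
    unrelated fingerprint, so a value checked as a signing-key fingerprint can
    never be satisfied by presenting those bytes under another label.
    """
    inner = hashlib.sha512(data).digest()
    outer = hashlib.sha512(content_type.encode("utf-8") + b":" + inner).digest()
    raw = base64.b32encode(VERSION_BYTE + outer).decode("ascii").rstrip("=")
    truncated = raw[:chars]
    return "-".join(truncated[i:i + 5] for i in range(0, chars, 5))


def fingerprint_matches(expected: str, claimed: str) -> bool:
    """Compare the fingerprint the user knows with the one a new device reports.

    Hyphens, spaces and case are normalised so the value can be typed or read
    aloud freely; the comparison itself is constant-time.
    """
    def norm(s: str) -> str:
        return s.replace("-", "").replace(" ", "").upper()

    return hmac.compare_digest(norm(expected), norm(claimed))


if __name__ == "__main__":
    root = udf_style_fingerprint("application/x-master-signing-key", SAMPLE_KEY)
    print("root of trust:", root)
    print("same bytes as a document:", udf_style_fingerprint("text/plain", SAMPLE_KEY))
    print("device check:", fingerprint_matches(root, root.lower().replace("-", " ")))
```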