[Cryptography] Implementing full Internet IPv6 end-to-end encryption based on Cryptographically Generated Address
grarpamp
grarpamp at gmail.com
Thu Jan 24 14:33:37 EST 2019
>>> > When we communicate with strangers, we can use the following
>>> > handshaking protocol.
>>>
>>> So here, you only accomplish confidentiality toa stranger. But you
>>> have no idea which stranger.
>
>> This is to achieve end-to-end encryption without CA.
>>
>> Prove a specific identity with a specific IPv6 address.
>
> You miss the point. Talking with confidentiality to an IP address means
> nothing.
> Using null-authentication with any protocol accomplishes the same. You
> left out how binding that IP address to a psuedo identity would work.
>
> If I talk with confidentiality with 2600::c900:9106:adca:dc36 then who
> am I talking to? You ? Your server? Your phone? The NSA?
>
> Besides that, anyone who controls some of the BGP tables or routing
> can be an instance of 2600::c900:9106:adca:dc36 passing identification
> of your crypto scheme. So I don't even know if I am talking to the "real"
> 2600::c900:9106:adca:dc36. And if you meant the IPv6 as a "shared
> secret" then we have better methods like PAKE to go from a weak shared
> secret we exchange at a party, to a strong secret we can use to
> authenticate a private channel.
>
> In other words, your proposal is the equivalent to any kind of
> DiffieHellman key exchange. Now you have confidentiality, you need
> to authenticate the other party.
As readers may be aware,
Tor has an interesting capability via OnionCat and OnionVPN
to join its 80-bits of v2 onion addressing with the IPv6/48
bits provided by the latter tools to yield a self authenticating
128-bit host and internet stack compatible private space.
This brings IPv6 (UDP, ICMP, all its applications, etc) to
the Tor overlay.
Tor breaks that with its v3 onions which are much wider.
As does I2P. And of course CJDNS isn't exctly interop
friendly.
There's an open project for anyone who wants it...
To bring IPv6 over v3 onions to Tor.
The results of which... that being how to provision roughly
approaching 128-bits of stack compatible reasonably E2E
self or otherwise authenticated space out from any wider
space... would be useful to many of the existing and future
overlay networks out there, to bring instant compatibilty
of those nets with all of users IPv6 apps.
Could be anything from a DHT first seen, to an in network
blockchain registry, to an entirely new modular AF_WIDE
compilation library option which could pluggably open up
a lot of overlay networks to general application usage.
See tor-talk list archives and I2P dev for more
talk on the potential project.
More information about the cryptography
mailing list