[Cryptography] peering through NAT

jamesd at echeque.com jamesd at echeque.com
Fri May 10 21:29:53 EDT 2019

On 2019-05-10 09:37, Ángel wrote:
> UPnP ?
> https://en.wikipedia.org/wiki/Universal_Plug_and_Play#NAT_traversal
> https://en.wikipedia.org/wiki/Internet_Gateway_Device_Protocol
> Now, what does NAT traversal have to do with crypto?

Not much, but it has a little, and here is what it has to do with 

In a world where authorities are increasingly trying to control speech 
and rewrite the quite recent past at frequent and ever shortening 
intervals, we will increasingly rely on peer to peer distributed security.

For example:  Database linking human memorable names and cryptographic 
key, squaring Zooko's triangle.

If that database is a central authority, that central authority is apt 
to give evil crime thinker Ann the address of the FBI as the address of 
evil crime thinker Bob, and similarly the address of the FBI to evil 
crime thinker Bob as the address of evil crime thinker Ann.

Suppose we have an append only Patricia Merkle dac, such that if 
everyone agrees on the root hash, cannot amend the past, nor give 
different people different versions of the past.  The evil crime thinker 
Ann can know that she is seeing the same story about her key and Bob's 
key as Bob sees.

But we cannot rely on a majority of honest peers - observe how often 
every single tenured academic in the entire American hegemony agrees on 
the new version of reality, and remembers that he always agreed on the 
new version of reality, when yesterday he had a different position.

So what we are going to have to do is that each root hash incorporates 
the previous root hash in a block chain, lots of peers sign the root 
hash, and record each other signing the root hash, so that if a new hash 
appears that fails to be legitimately derived from the previous root 
hash, a root hash that testifies to a history incompatible with that 
testified by previous root hashes, a single honest peer can call them 
all out causing a fork.

So a large number of peers agree on the one true latest root hash, and 
each witnesses many of the others agreeing.  And if any of the peers are 
not honest, or if all but one is dishonest, they will get called out, 
which will keep them all honest.

This implies some sort of paxos protocol, weight of stake rather than 
weight of hashing power, for the government can always seize or build 
the majority of hashing power.

Hence peer to peer security.  Even if you are running a client program, 
you will want it to record the part of the Patricia Merkle tree that 
relates to your activities, the signatures of numerous major and 
important peers, and make sure that the people you interact with are 
seeing the same record of the past, and in particular your past keys, as 
you are.

Nat penetration is messy.  Maybe we just do it client server, and wait 
for IP6.

More information about the cryptography mailing list