[Cryptography] With an e2e network, would the US still need to ban Huawei's 5G

Phillip Hallam-Baker phill at hallambaker.com
Wed Feb 19 15:58:31 EST 2020


On Wed, Feb 19, 2020 at 2:47 PM Christian Huitema <huitema at huitema.net>
wrote:

>
> > On Feb 19, 2020, at 9:13 AM, Patrick Chkoreff <pc at fexl.com> wrote:
> >
> > In any case it looks like the Europeans are faced with a simple choice:
> > who do they want to grab their metadata, and possibly even their data
> > -- the Americans or the Chinese?
>
> Or both. And whatever hacking team manages to penetrate the routers.
>
> This is why we need metadata reduction on top of e2e encryption. SNI
> encryption of course, but also defense against application fingerprinting.
> Onion Routing for the masses would be nice too. Once we have that on top of
> e2e encryption, then yes we could treat the network as a compromised swamp
> and still maintain privacy. But today we don't.
>

Mesh messaging makes use of three layers of encryption.
Communication between the client and service is over TLS for Traffic
analysis resistance.

Each request and response is authenticated and optionally encrypted under a
key agreement between client and service auth keys. This provides access
control.

The Mesh Messages themselves are limited to 32KB and are end to end
encrypted under the key of the recipient or group. This is for end to end
security. Note that use of threshold decryption means we could use the Mesh
for the cryptography list and achieve true end-to-end encryption without
the need to make the membership of the list public.

Limiting the message size so severely might seem odd. But a message can
contain a link to an external body which is larger. The payoff is that we
can easily pad every message to 32KB and give ourselves a lot of traffic
analysis resistance by onion routing later.

I am also strongly considering how we might make use of Micali simultaneous
transactions. Though folk are already complaining about PHB's grand unified
theory of crypto.

There is a complete set of videos describing the design of the Mesh in
detail on YouTube. I can type but I can't speak at this point.
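
The fixed-size padding and external-body link described in the message above, as an added example that is not part of the original post and is not the Mesh's code or wire format. The kind byte, 2-byte length prefix, zero padding and JSON link record with a SHA-256 digest are assumptions made for illustration; padding is applied to the plaintext, so the ciphertext length is constant only if the end-to-end encryption adds a fixed overhead.

```python
import hashlib
import json
import struct

ENVELOPE_SIZE = 32 * 1024         # fixed message size from the post (32KB)
HEADER = struct.Struct(">BH")     # assumed framing: kind byte + 2-byte length
MAX_PAYLOAD = ENVELOPE_SIZE - HEADER.size
KIND_INLINE, KIND_LINK = 0, 1     # hypothetical type tags


def pad(kind: int, payload: bytes) -> bytes:
    """Frame a payload and zero-pad it to exactly ENVELOPE_SIZE bytes."""
    if len(payload) > MAX_PAYLOAD:
        raise ValueError("payload exceeds the fixed envelope")
    framed = HEADER.pack(kind, len(payload)) + payload
    return framed + b"\x00" * (ENVELOPE_SIZE - len(framed))


def unpad(envelope: bytes) -> tuple[int, bytes]:
    """Return (kind, payload); reject anything that is not well-formed."""
    if len(envelope) != ENVELOPE_SIZE:
        raise ValueError("envelope is not the fixed size")
    kind, length = HEADER.unpack_from(envelope)
    end = HEADER.size + length
    if kind not in (KIND_INLINE, KIND_LINK) or length > MAX_PAYLOAD:
        raise ValueError("bad header")
    if any(envelope[end:]):
        raise ValueError("non-zero padding")
    return kind, envelope[HEADER.size:end]


def build_message(body: bytes, external_url: str) -> bytes:
    """Inline a small body; replace a large one with a link plus digest."""
    if len(body) <= MAX_PAYLOAD:
        return pad(KIND_INLINE, body)
    ref = {"link": external_url, "size": len(body),
           "sha256": hashlib.sha256(body).hexdigest()}
    return pad(KIND_LINK, json.dumps(ref, sort_keys=True).encode())


if __name__ == "__main__":
    # Constructed sample bodies: 5 bytes and 200,000 bytes.
    for body in (b"hello", b"A" * 200_000):
        env = build_message(body, "https://files.example/blob")
        kind, payload = unpad(env)
        print(len(env), kind, len(payload))
```

Both sample bodies produce an envelope of the same length, so an observer who sees only sizes cannot tell a short note from a reference to a large file.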