[Cryptography] Mathematical Mesh Demo Reels

Phillip Hallam-Baker phill at hallambaker.com
Wed May 4 13:30:53 EDT 2022


Seems some of you would like proof that this code actually runs. Well, here
are the demo reels of the line mode tools:

(1) Demo Reel - YouTube
<https://www.youtube.com/playlist?list=PLK2hHAOxepEgZtTxX3BtkPUDIJ3--_FAu>

I will be launching this at HOPE in NYC in July
https://twitter.com/hopeconf/status/1521879206698831873

Given that I am the only person who has tested this code so far, I do not
recommend it for production use; use at your own risk.

What is demonstrated:

*Reel 1: Configure the service (can skip)*

*Reel 2: Alice protects Alice.*

1) Alice creates a personal Mesh

2) Alice connects multiple devices to her personal Mesh with different sets
of rights according to least privilege.

3) Alice can encrypt and decrypt documents like PGP allows on one device.
But she can now decrypt on any connected device she granted the necessary
rights to.

4) Alice uses an end-to-end encrypted bookmark catalog and password vault
to share data between her devices, so they all work as a single device.

5) Alice creates an SSH application that provisions connected devices with
the specified rights with the ability to provision SSH devices with her SSH
private key.

6) Alice protects herself against further data breaches should a device be
lost or stolen by disabling further decryption operations on a device
connected using a threshold share.

7) Alice creates threshold recovery shares to allow her to recover her data
stored in the cloud in the case of a catastrophic loss of all her connected
devices.


*Reel 3: Alice communicates with Bob*

(Missing) Alice was supposed to create herself an email application so she
could provision her email clients with her OpenPGP and S/MIME keys. Oops.

1) Alice and Bob exchange contact data.

Only one contact exchange scheme is shown. Four are supported, ranging
from Alice and Bob meeting in person and bumping phones via Bluetooth to
Bob sending Alice a contact request and Alice replying.

If I had done the email config, they would have each other's OpenPGP keys
at this point in their contact record. This contacts catalog and the
ability to update automatically could be a part of a scheme to provide for
messaging app/protocol interoperability as the EU demands without losing
end-to-end security.

2) 2FA replacement - Confirmation service

Alice logs into Bob's web site off camera and asks to buy some shares. Bob
sends back a signed and encrypted confirmation request 'Do you want to Buy
300,000 PONZI?'. Alice replies yes and Bob gets back a signed and encrypted
receipt showing her device was used to provide agreement.

3) Alice can share encrypted data with Bob PGP style.

4) Alice can create a Threshold Encryption Group. This allows Alice to
grant Bob the decryption rights AFTER the document was encrypted. And she
can yank them back again afterwards, give them back, etc. etc. as often as
she likes.


*Next Steps*

Before releasing the first phase of the Mesh, I want to clear a few
potentially breaking changes. But if you want to try it out, you can pull
the GitHub Main branch and compile from Visual Studio Community edition or
Visual Studio Code.

I am going to be spending the next few weeks adding in three additional
Mesh services that will be needed for deployment at scale but these are
each relatively small.

After that I am going to be focused on delivering GUI tools that provide
Mesh functions. These still include Phill's Hypothetical Browser. The
reason I backed off on that was that I wrote out a list of features I would
need to add to make the browser functional and it was about three months'
work. Which would be OK, only the Microsoft people agreed that most of them
are things they should be doing anyway. So the project is still in
development but waiting on other development groups to finish.

https://github.com/hallambaker/Mathematical-Mesh
https://github.com/hallambaker/PhillsHypotheticalBrowser