Encrypted forums challenges
fabbari_at_gmail.com
Date: 06/28/05
- Next message: SniffinPopRocks: "Re: un-hashing to reveal pass phrase [was: crypto sms]"
- Previous message: Herbert Paulis: "Re: (N)ever (S)ay (A)nything - Any ideas ??"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: 28 Jun 2005 05:36:57 -0700
Hello everyone!
A short introduction to the problem: last year the Italian Postal
Police went to an ISP where a server of a group of left wing
organizations was housed, nominally to get the contents of a mailbox;
in practice they copied the whole contents of the servers and the
private keys used to secure the communications of several mailing lists
and forums. The raid was discovered just a few days ago, because when
called one year ago the ISP told the owners of the server that the
service was down because of "electrical problems".
So, added to the rubber-hose problem, we have the "we come, get your
keys, you don't get to know about it" problem.
The idea I'm toying around with is the use of shared keys in groups
that grow following normal social network relationships to encrypt the
contents of the forums, working with extensions on the browser side
(Firefox) that would handle most of the burden of the key
management (join, leave...).
Ok, this is the fact: I'm a decent programmer, but I suck at
cryptography. Yep, I read the books, went along some FAQs, I get the
general idea, but I still suck big time. And when security is the issue
I believe that getting to know your limits is a pretty good standard.
Anyhow, I've seen several group encryption - shared keys papers, but
I can't make up my mind about what would be a good solution.
Silly, but easy solution: encrypting the symmetric key used to
encipher the forum post for every public key of the users. This would
pose a serious load on the persons' PCs when the number of users grows,
plus many other problems related to the leak of one's private keys.
Using shared keys protocols I've seen used in multicast protocols,
handling joins and leaves, seems to be the most acceptable solution.
What are your thoughts on it? To be more specific, how is it possible
to address the following issues:
- No central repository of keys: if the server is compromised no data can
be recovered;
- People that leave the group won't be able to read the new messages,
and with some rekeying it would be feasible to blind also past
postings;
- There should be no central key issuing authority;
- Subgroups: some messages could be encrypted so that only a subset
of the group can read them, without actually having to build another
group;
I'm sure there is more literature on the issues than what I read, so
simple pointer to existing literature is welcome.
Thank you for the time you spent reading this far,
Fabio
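As an added example (not part of Fabio's post or of any project he mentions), here is a minimal logical key hierarchy of the kind used in multicast group-key management: keys exist only in the members' hands, and evicting a member replaces the keys on its tree path with 2*log2(n)-1 rekey messages instead of re-encrypting the group key to each of the n-1 remaining members. The wrap()/unwrap() pair is a stdlib stand-in assumed for illustration, not a standard key wrap, and join handling is left out.

```python
import hashlib, hmac, secrets

def wrap(kek, data):
    """Illustrative key wrap (stand-in for AES-KW): SHA-256 keystream XOR + HMAC tag."""
    nonce = secrets.token_bytes(16)
    stream = hashlib.sha256(kek + nonce).digest()
    ct = bytes(a ^ b for a, b in zip(data, stream))
    return nonce + ct + hmac.new(kek, nonce + ct, "sha256").digest()

def unwrap(kek, blob):
    """Return the wrapped key, or None when kek is not the key it was wrapped under."""
    nonce, ct, tag = blob[:16], blob[16:48], blob[48:]
    if not hmac.compare_digest(tag, hmac.new(kek, nonce + ct, "sha256").digest()):
        return None
    stream = hashlib.sha256(kek + nonce).digest()
    return bytes(a ^ b for a, b in zip(ct, stream))

class Group:
    """Complete binary key tree over n members (n a power of two): node 1 is
    the root (group key), leaf i is node n + i, and member i holds exactly the
    keys on its leaf-to-root path. No party other than the members holds keys."""
    def __init__(self, n):
        self.n = n
        self.keys = {v: secrets.token_bytes(32) for v in range(1, 2 * n)}
        self.members = {i: {v: self.keys[v] for v in self.path(i)} for i in range(n)}

    def path(self, i):
        v = self.n + i
        while v >= 1:
            yield v
            v //= 2

    def leave(self, i):
        """Evict member i: every ancestor of its leaf gets a fresh key, sent under
        the sibling subtree's key and under the fresh key one level below. The
        evicted member holds none of the wrapping keys, so it learns nothing."""
        del self.members[i]
        msgs, v, fresh_below = [], self.n + i, None
        while v > 1:
            parent, sibling, new = v // 2, v ^ 1, secrets.token_bytes(32)
            msgs.append((sibling, wrap(self.keys[sibling], new)))
            if fresh_below is not None:
                msgs.append((v, wrap(fresh_below, new)))
            self.keys[parent], fresh_below, v = new, new, parent
        for held in self.members.values():   # remaining members apply the rekey in order
            for wrapping_node, blob in msgs:
                if wrapping_node in held:
                    held[wrapping_node // 2] = unwrap(held[wrapping_node], blob)
        return msgs
```

The rekey messages are the only thing a server ever sees; it can forward them but cannot open them, which is the property the first bullet asks for.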