Re:

wrote:
Mike Amling wrote:

Peter Fairbrother wrote:
I also hope to have a different messaging solution available (unfortunately
paid-for, which will cost maybe £15 -£25 per year - the server costs are not
inconsiderable, and that may be an underestimate - but which will be
mathematically-from-traffic untraceable - whether you sent, or to whom you
sent, a message will be untraceable, only that you used the service).
Asynchronous messages?

Yes

Where will the servers be?

Undecided. Doesn't matter much though, they can be mirrored. Servers can't
do much more than a selective DoS.

Will the servers use t-of-n threshold computation of secrets, if any?

No, an improved version of Chris Cachin's phi-hiding, with a 1:32 minimum
traffic s/n ratio. Computationally very expensive, fairly cheap in traffic
terms.

Hey, this data might have come from him, or her, or her or .. - I simply
don't know where it came from. See, here is the software - and I don't, and
can't, know what this data is.
Hmm, if 'they' find identical random data on your flash drive and on
mine, that would link us, even if they hadn't previously known we had met.

Perhaps we both know people who know people who know people who know Mr X -
or perhaps it's the latest blockbuster movie?

That seems strange. Why would 'they' believe that we have not had contact? The fact that we two have files that no one else has, with the same random-looking contents, is not made any more innocuous just because we both know Kevin Bacon.

People can, and are even encouraged to, cheat. It doesn't have to be a real
OTP after all, and most good ciphertext is indistinguishable from random
anyway ...

That's fine when I alone have a random-looking file that no one else has. Or you have some file unique to you.

If you're going to have an OTP in common with a correspondent, at least one you should keep it encrypted.

--Mike Amling
.

Loading