Re: The Republic of Desire (anonymous organizations)
My only problem with this is knowing how to organize the "guerilla cell structures" or whatever it was he mentioned. Anyone have a ref for something that discusses guerilla cell organizations?
The classic Russian model (late 1800's through the October Revolution) was to have three-person cells, each of which had one person who knew one person above them in the hierarchy and someone who knew one person below them. This makes for good security as there is no redundant information in the network and one failure breaks the chain. I don't have any specific citations in mind, but the Russian history instructors at A&M might be a good place to start. Best regards, Curtis D. Frye cfrye@ciis.mitre.org "If you think I speak for MITRE, I'll tell you how much they pay me and make you feel foolish."
This is kind of off-topic, but I thought the classic three-person cell was as follows: A / \ B - C / \ D G / \ / \ E - F H - I where a line shows cell membership. So A commands a cell of himself, B and C but knows no one below. A is either the leader, or is known by one member above. B knows D is the leader of another cell, but does not know who E and F are (or even if they exist). Similarly for C. This organization is vulnerable in two ways: any one person can give up three others; and the chain can be followed (e.g. compromising B can lead to compromising D and then to E, etc.). Because information has to flow between the cells, there is potential for compromise. I can't think of a way around this problem. If information flows from B to E, either B must know of E's existence or non-existence. --Alan Wexelblat, Reality Hacker, Author, and Cyberspace Bard Media Lab - Advanced Human Interface Group wex@media.mit.edu Voice: 617-258-9168, Pager: 617-945-1842 PUBLIC KEY available by request Try not to have a good time ... This is supposed to be educational.
Date: Thu, 18 Nov 93 12:04:51 -0500 From: "Alan (Gesture Man) Wexelblat" <wex@media.mit.edu>
This is kind of off-topic, but I thought the classic three-person cell was as follows:
A / \ B - C / \ D G / \ / \ E - F H - I
where a line shows cell membership. So A commands a cell of himself, B and C but knows no one below. A is either the leader, or is known by one member above. B knows D is the leader of another cell, but does not know who E and F are (or even if they exist). Similarly for C.
This organization is vulnerable in two ways: any one person can give up three others; and the chain can be followed (e.g. compromising B can lead to compromising D and then to E, etc.). Because information has to flow between the cells, there is potential for compromise.
I can't think of a way around this problem. If information flows from B to E, either B must know of E's existence or non-existence.
See R. A. Heinleins's ``Moon is a Harsh Mistress'' for some discussion of this topic. ------------------------------------------------------------------------------ Chet Edelman "Truth is a blanket that leaves your feet out in the cold" D.P.S. EMAIL: coe@panix.com SNAIL: 1718 Ocean Avenue, Brooklyn NY 11230 VMAIL: (718) 338-1432
"Alan (Gesture Man) Wexelblat" writes: [[..deletia..]]
This organization is vulnerable in two ways: any one person can give up three others; and the chain can be followed (e.g. compromising B can lead to compromising D and then to E, etc.). Because information has to flow between the cells, there is potential for compromise.
I can't think of a way around this problem. If information flows from B to E, either B must know of E's existence or non-existence.
The cell structure of 3 people wouldn't necessarily need to know the "True Names" of anyone in other cells. That's what the crypto-anarchy tools are for: anonymous credentials, DC-nets and webs-of-trust, digital signatures, etc. These tools can be used for "authenticating" the other cells, and communicating with them without compromising (well... hopefully) your True Name and security. Knowing only anonymous Ids of other "persons" in the other cells is useless to the "authorities". Unless of course they can get your passwords and keys and spoof you. Now how can we make a protocol for protection against such spoofing? Some sort of Zero Knowledge proof scheme? -- Allan Bailey, allan@elvis.tamu.edu | "Freedom is not free." Infinite iversity in Infinite Combinations | allan.bailey@tamu.edu GCS -d+ p--- c++++ l+++ u++ e++ m++ s n+ h+ f g+ w+ t+ r y+ "Liberty means responsibility. That is why most men dread it." -- George Bernard Shaw "Armadillos....those are the meanest suckers you're ever gonna wanna see... But you gotta kill 'em the first time, otherwise they get this revenge thing in their heads and they come lookin' for ya......." -- (i got this from the 'zine Armadillo Culture)
Sorry, I was a little unclear. When I worried about someone in a cell being compromised, I assumed that through social engineering (like throwing in jail, serving with subpoenas, seizing property, etc.) someone had pressured or tricked this person into revealing hir secret keys. If you know you're being pressured and can use a backup works-but-I'm-in-trouble key, that's a partial solution. --Alan
Sorry, I was a little unclear. When I worried about someone in a cell being compromised, I assumed that through social engineering (like throwing in jail, serving with subpoenas, seizing property, etc.) someone had pressured or tricked this person into revealing hir secret keys.
If you know you're being pressured and can use a backup works-but-I'm-in-trouble key, that's a partial solution.
AAAHHH!!!! EXCELENT IDEA!!! Think about it. It's a beautiful extension to PGP, the "I'm-being-coerced" password. Seems to work, but deletes everything irreparably(sp?). I don't think the PGP coders will put something like this in, but the people in my RoD-cell will definately have it as soon as I'm done. =) -- Allan Bailey, allan@elvis.tamu.edu | "Freedom is not free." Infinite Diversity in Infinite Combinations | allan.bailey@tamu.edu GCS -d+ p--- c++++ l+++ u++ e++ m++ s n+ h+ f g+ w+ t+ r y+ "Liberty means responsibility. That is why most men dread it." -- George Bernard Shaw "Armadillos....those are the meanest suckers you're ever gonna wanna see... But you gotta kill 'em the first time, otherwise they get this revenge thing in their heads and they come lookin' for ya......." -- (i got this from the 'zine Armadillo Culture)
participants (4)
-
Alan (Gesture Man) Wexelblat -
allan@elvis.tamu.edu -
cfrye@ciis.mitre.org -
Chester Edelman