[p2p-hackers] Ideas for an opensource Skype lookalike (fwd from

Major Variola (ret) mv at cdc.gov
Sun Mar 14 04:56:15 PST 2004 

At 12:45 PM 3/13/04 +0100, Eugen Leitl FORWARDED:
>----- Forwarded message from Enzo Michelangeli <em at em.no-ip.com> -----
>
>Skype claims to use RSA-based key exchange, which is good for
multi-party
>conferencing but does not preserve forward secrecy. Maybe some variant
of
>ephemeral D-H authenticated by RSA signatures, with transparent
>renegotiation every time someone joins the conference, could do the job

>better.

RSA (ie persistant keys) may be an option but MUST NOT be
required, for secrecy reasons as mentioned.  (At worst RSA keys
can be used once, then discarded.  Lots of primes out there :-)

Also, this is *voice*, ie biometric auth,
so public-key-web-o-trust verislime scam is
unnecessary at best.  (Although for ringing up a business it
might be a useful redundancy in case you misdial, and if there
are introducers more trusted and perhaps liable than verislime)

>But the thing I particularly would like to discuss here is if, and how,
to
>leverage on existing P2P networks.

Get Real Networks or AOL or M$ to bundle a free, open secphone with
their regular
products.  In AOL case you can exploit their "buddy" (aka traffic
analysis) system
for your directory services.

I bet its suggested monthly.  And shot down by managers who have been
shown photos of their personal indiscretions taken by spooks.

One could always implement a brand new
>network, using Distributed Hash Table algorithms such as Chord or
>Kademlia,

We don't give a flying fuck as to which shiny new algorithm you use,
although were we a graph theory wonk, we might care.

but it would be much easier to rely from the very beginning upon
>a large number of nodes (at least for directory and presence
>functionality, if not for the reflectors which require specific UDP
code).

What the NAT world (yawn) needs is free registry services exploitable by
any
protocol.  Those NAT-users with RSA-clue can sign their registry entry.

>That would somehow repeat the approach initially adopted by Vocaltec
when,
>in 1995, they launched their Iphone making use of IRC servers to
publish
>dynamic IP addresses. Incidentally, the IRC users community didn't
>particularly appreciate ;-), triggering the Great Iphone War, which
>quickly led Vocaltec to set up its own dedicated IRC servers.

Net was a smaller place in 95.  A '95 machine didn't have MIPS to burn.
Not so many broadband nodes.  Bush was just an airhead redneck governor,
not
a rabid Caesar.

More information about the cypherpunks-legacy mailing list