Fwd: [Cryptography] A possible alternative to TOR and PrivaTegrity without backdoors

grarpamp grarpamp at gmail.com
Sun Jan 10 13:38:43 PST 2016


---------- Forwarded message ----------
From: Bill Cox <waywardgeek at gmail.com>
Date: Sun, Jan 10, 2016 at 9:38 AM
Subject: [Cryptography] A possible alternative to TOR and PrivaTegrity
without backdoors
To: "cryptography at metzdowd.com" <cryptography at metzdowd.com>


This is an old idea, but perhaps now there might be more reason to
consider it.  I currently call this idea Alias.  Here's my dumb
data-dump on it.  Thoughts?

Alias is a concept for a TOR-like Internet protocol supporting free
speech and user privacy, but without encouraging the worst evil
behaviors.  Exit Nodes are replaced with Public Gateways, which
sponsor users.  The definition of evil behavior is defined by the
Public Gateways and operators of routing nodes.  Users would be
encouraged to use good behavior, as their public alias would develop a
reputation over time.  Anonymity would be protected, but a user's
Public Gateway and any routing node could refuse to route data for
aliases with poor reputations.

TOR was created with a lofty goal: to support free speech.
Unfortunately, TOR has drawn attention from governments and law
enforcement, as it could be used to protect some of the worst
activities, such as contract killing, and the slave trade.  TOR Exit
Node operators generally follow a strict policy of never looking at
traffic, because simply observing this traffic would require Exit Node
operators in most countries to regularly contact law enforcement to
report crimes.  PrivaTegrity is an alternative protocol to TOR, which
aims to find a balance between protecting free speech and protecting
the world from the worst behavior.  Unfortunately, the PrivaTegrity
inserts encryption backdoors.

Alias Design:

This is very much a dumb idea in the half-baked stage.  Feedback and
ideas are welcome.

Alias would be a fork of TOR, and route Internet traffic from a user's
machine through a couple of Routing Nodes, to a Public Gateway, which
replaces the Exit Node.  The Public Gateway would have an account for
the user, under a pseudonym used on Alias network by the user, called
his alias.  The Public Gateway should keep an email contact address
for the user, similar to regular accounts on various web sites.

In Alias, user aliases would have trackable reputations, and the
reputations of user aliases would be combined into a reputation for a
Public Gateway.  At a minimum, incident reports would be used to
compute user reputations.  Exactly how this works is TBD, but the goal
is to cause gateways with very poor reputations to be effectively
blacklisted by routing nodes, and for users with poor reputations to
be dropped by reputable gateways.  Users could move their alias from
one gateway to another when needed, but they could not erase what
their previous gateway knows about there identity.  The Gateway would
not know a user's location, and in many cases will know nothing other
than the user's reputation and email address.  When requested by a
government authority, at a minimum, a gateway can drop support for a
user alias, causing that alias to try to find a new gateway that will
agree to sponsor it.

Participants who act as routing nodes in Alias would be able to select
what sort of reputations they require from aliases and Gateways to
allow traffic to be routed through them to those gateways.  They
could, for example, choose to not route data for any gateway with a
high reputation for routing to pornography sites.

I compare the TOR, PrivaTegrity, and Alias concepts in several "threat
cases" below:

Threat Case: Governments Overreact to Terrorism

In this case, we assume all the governments involved have decided to
share all user network traffic in a mass surveillance program.  The
user Alice has something to say, such as wanting to tell the world
that the mass surveillance program exists.

TOR:  Alice succeeds in using TOR to log into various blogging sites
and publishes her knowledge about the surveillance program.
Unfortunately, TOR provides limited defense against the Men in Black
(MiB), and Alice may be arrested.  The MiB is assumed to compromise
TOR in various ways, such as operating many Exit Nodes and monitoring
meta-data such as packet timing and size between nodes.

PrivaTegrity:  With the assumption that all governments involved are
colluding, Alice is revealed directly, without having to subvert the
protocol.

Alias:  Alice needs a Public Gateway to sponsor her.  She can choose a
gateway with a reputation of sponsoring free speech, such various
newspapers, in a country that is not participating in the mass
surveillance program.  When Alice posts what she knows to various
blogs, the Public Gateway (newspaper in this case) will be the the one
defending her anonymity.  In any case, even if the newspaper is forced
to reveal what they know about Alice, they never knew her location.

Conclusion: Alias seems to provide better protection of free speech in
this case.

Threat Case: A Single Government Blackmails the Rest

Suppose one of the governments involved decides to use it’s influence
in the protocol to blackmail one or more of the other governments
involved into agreeing to some political agenda.

TOR: If the government were the USA, it might have unique powers to
track users through the TOR network.  If true, the USA could refuse to
reveal a French suspected terrorist unless the French government share
mass surveillance data collected on it’s citizens.  Is this sort of
thinking too paranoid?

PrivaTegrity:  With nine separate governments who must collude to
expose a user, it is possible for any one of the nine to blackmail the
rest.  For example, if tracking down a particular user is of critical
importance to one government, another could demand certain trade
policies be agreed to before allowing that user to be revealed.

Alias:  A country containing the Public Gateway sponsoring a user
might make political demands from another country before agreeing to
force the Public Gateway to reveal a user’s email address.  However,
this coercion is weaker than weaker than the TOR case because there is
no country with majority control, and weaker than the PrivaTegrity
case because a government can coerce cooperation only from Public
Gateways in its country.

Conclusion: While none are immune to this threat, Alias seems to
perform better in this case.

Threat Case: Hackers Compromise the Network

In this case, a group of hackers wants to reveal the identity of a
particular user.

TOR: There is little chance that the attacker can hack all the nodes
from the user to the Exit Node, and since the Exit Node has no
information about the user, there seems to be little chance that the
hacker can reveal the user’s identity, short of bugs in the protocol.

PrivaTegrity:  While hackers might hack one or more of the nine
governments, it would be a considerable task for the hacker to hack
them all.  However, it is possible, and this is a weakness vs TOR.

Alias:  The hacker need only hack the user’s chosen Public Gateway,
which is a considerably simpler task than with PrivaTegrity.

Conclusion:  Hackability of Public Gateways is a significant weakness
for Alias compared to the other two.

Threat Case:  Evil Users Secretly Collude

In this case, suppose there is strong evidence that several evil users
wants to collude to do something terrible, and they want to
communicate anonymously.  For example, they could be running a
contract-killing business or enslaving people and selling them on the
Dark Web.

TOR:  Unfortunately, evil behaviors have been enabled in some cases over TOR.

PrivaTegrity:  The users involved in such evil activities can have
their communication secretly wiretapped.  This is a strong capability
for law enforcement in this case.

Alias: Assuming reputable Public Gateways are used, most of the users’
emails would be revealed to law enforcement.  This is weaker than a
wiretap.

Conclusion: In the case of severe evil, PrivaTegrity performs the
best, Alias next best, and TOR the worst.

Threat Case:  Somewhat Evil Users Secretly Collude

What is evil vs good is highly subjective, and getting people to agree
can be difficult.  In this case, the users are engaged in what most
reasonable people consider evil.  For example, consider illegal trade
in ivory, which could lead to the extinction of wild elephants.

TOR:  Users trading in ivory likely would benefit from using TOR.

PrivaTegrity:  Having to get cooperation from nine governments may be
too painful when tracking down a single ivory trader, and the ivory
trader likely could use PrivaTegrity to their advantage.  If, on the
other hand, the nine governments put in place a rapid rubber-stamp
process to enable going after small-time criminals, then this
capability can be highly abused.

Alias:  Ivory traders would avoid using Alias through reputable Public
Gateways, since their identities could easily be revealed¸ and the
sites the traders visit to buy/sell ivory would not likely be very
reputable, lowering their alias' reputation.

Conclusion: Alias seems to perform better at determine somewhat evil behaviors.

Bill

_______________________________________________
The cryptography mailing list
cryptography at metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
-- 
tor-talk mailing list - tor-talk at lists.torproject.org
To unsubscribe or change other settings go to
https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk




More information about the cypherpunks mailing list