Beyond GnuPG and Tor
Technologies to secure the future Internet
Jeff Burdges & Christian Grothoff
28.6.2015
Encryption is not enough.
“We’ve developed a machine learning algorithm that is able to predict which customers will leave your site without purchasing any of your products .. and the capability to offer only this group a steeper discount than normal to entice them to purchase before leaving,”
—Freshplum.
Amazon? Airline sites?
Former CIA agent Jeffrey Sterling was convicted of sharing classified information with the New York Times reporter James Risen based solely upon the fact that they spoke over the phone many times.
Al Jazeera's Islamabad bureau chief Ahmad Muaffaq Zaidan was labeled as a member of Al Qaeda by the NSA’s metadata analysis.
“We kill people based on metadata” - Michael Hayden (Ex-NSA Director)
Tor protects location metadata.
Tor Browser controls tracking when surfing the web.
But what about the rest of the Internet?
E-mail: Asynchronous messaging
- Email with GnuPG provides authenticity and confidentiality...
- ... but fails to protect metadata
- ... and also fails to provide forward secrecy aka key erasure
Why forward secrecy?
Imagine Eve records your GnuPG encrypted emails now, say here:
If Eve ever compromises your private key in the future, then she can read the encrypted emails you sent today.
Synchronous messaging
XMPP/OtR over Tor
- Forward secrecy from OtR
- User-friendly key exchange
- Location protection (Tor)
- ... but not asynchronous
- ... and leaks metadata
- No encrypted file transfers
Why is OtR synchronous only?
We achieve forward secrecy through key erasure by negotiating an ephemeral session key using Diffie-Hellman.
Diffie-Hellman key exchange uses commutativity of exponentiation:
$A^b = (g^a)^b = (g^b)^a = B^a \bmod p$
Elliptic curve Diffie-Hellman uses commutativity of scalar multiplication:
$d_A Q_B = d_A d_B G = d_B d_A G = d_B Q_A$
Private keys: $d_A$, $d_B$
Public keys: $Q_A = d_A G$, $Q_B = d_B G$
[Diagram: Alice and Bob over time]
1. advertise $Q_A$
2. accept $Q_A$ & send $Q_B$
3. acknowledge $Q_B$
Answer: All three messages of the Diffie-Hellman key exchange must complete before OtR can use a new ratchet key.
Axolotl by Trevor Perrin
Idea from Silent Circle’s SCIMP: Replace our key with its own hash.
Good: New key in zero round trips.
Bad: Stays compromised in future.
Approach:
- Run DH whenever possible
- Iterate key by hashing otherwise
“[Axolotl] combines the .. forward secrecy [of] a hash iteration ratchet like SCIMP [with the] future secrecy .. of a DH ratchet like OtR” — Moxie Marlinspike
Way less bookkeeping!
TripleDH provides authentication with deniability.
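The difference between the hash ratchet ("stays compromised in future") and the DH ratchet on the Axolotl slides above, as an added example that is not code from the talk or from any Axolotl implementation. It is a simplified sketch: the `Party` class, the `kdf` labels and the toy group `P`, `G` are assumptions made for illustration, and Eve is a passive attacker who steals one chain key.

```python
import hashlib
import secrets

# Assumption: toy DH group for illustration only. 2**127 - 1 is prime but far
# too small for real use; deployed ratchets use elliptic-curve groups.
P = 2**127 - 1
G = 3


def kdf(label: bytes, *parts: bytes) -> bytes:
    """Domain-separated SHA-256 over length-prefixed inputs."""
    h = hashlib.sha256(label)
    for part in parts:
        h.update(len(part).to_bytes(4, "big") + part)
    return h.digest()


class Party:
    """One side of a simplified 'DH when possible, hash otherwise' ratchet."""

    def __init__(self, shared_root: bytes):
        self.chain = shared_root
        self.priv = None

    def next_message_key(self) -> bytes:
        """Hash ratchet: new key in zero round trips, old chain key erased."""
        message_key = kdf(b"msg", self.chain)
        self.chain = kdf(b"chain", self.chain)
        return message_key

    def fresh_dh_public(self) -> int:
        """Start a DH ratchet step with a new ephemeral key pair."""
        self.priv = secrets.randbelow(P - 2) + 1
        return pow(G, self.priv, P)

    def dh_ratchet(self, their_public: int) -> None:
        """Finish the step: mix the DH result into the chain, erase the key."""
        shared = pow(their_public, self.priv, P)
        self.chain = kdf(b"dh", self.chain, shared.to_bytes(16, "big"))
        self.priv = None


def simulate() -> dict:
    root = kdf(b"root", b"constructed initial shared secret")
    alice, bob = Party(root), Party(root)

    # Bob is offline: Alice sends three messages using the hash ratchet only.
    k1 = alice.next_message_key()
    stolen_chain = alice.chain          # Eve copies Alice's state here
    k2, k3 = alice.next_message_key(), alice.next_message_key()

    # Everything Eve can derive from the stolen chain key by hashing forward.
    eve_k2 = kdf(b"msg", stolen_chain)
    eve_chain = kdf(b"chain", stolen_chain)
    eve_k3 = kdf(b"msg", eve_chain)
    eve_chain = kdf(b"chain", eve_chain)

    # Bob returns, catches up, and both sides complete a DH ratchet step.
    # Eve sees both public values but cannot compute the shared secret.
    bob_keys = [bob.next_message_key() for _ in range(3)]
    a_pub, b_pub = alice.fresh_dh_public(), bob.fresh_dh_public()
    alice.dh_ratchet(b_pub)
    bob.dh_ratchet(a_pub)
    k4_alice, k4_bob = alice.next_message_key(), bob.next_message_key()

    return {
        "bob_in_sync": bob_keys == [k1, k2, k3] and k4_alice == k4_bob,
        "eve_reads_later_hash_keys": (eve_k2, eve_k3) == (k2, k3),
        "eve_reads_earlier_key": k1 in (eve_k2, eve_k3, stolen_chain),
        "eve_reads_after_dh": kdf(b"msg", eve_chain) == k4_alice,
    }


if __name__ == "__main__":
    for name, value in simulate().items():
        print(f"{name}: {value}")
```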
Pond by Adam Langley
- Axolotl
- Recipients are pseudonymous
- All traffic uses Tor with a constant traffic profile
- Senders are anonymous but
  - authenticated by server
  - not anonymous to the recipient
  - No SPAM!
- Messages are deniable
- Encrypted attachments
- Forgets messages by default
https://pond.imperialviolet.org/
End-to-end encrypted messengers
| | Synchronous | Asynchronous | Key Exchange | Key Erasure | Hides Location | Hides Metadata |
|---|---|---|---|---|---|---|
| Email + GnuPG | | ✓ | WoT | ✗ | ✗ | ✗ |
| XMPP + OtR | ✓ | | SMP | session | ✗ | ✗ |
| ... + Tor | | | X.509 | | ✓ | ✗ |
| TextSecure | ✓ | ✓ | TOFU | Axolotl | ✗ | ✗ |
| Pond | | ✓ | PANDA | Axolotl | Tor | ✓ |

WoT = Web of Trust
SMP = Socialist Millionaire’s Protocol
TOFU = Trust on first use
PANDA is a password authenticated key exchange system
Key exchange and name systems
- Identify users (or servers) by name
- Associate names with addresses, key material and other properties
- DNS was the first global system to do this, insecurely
- X.509, DNSSEC, Web-of-Trust, TOFU, SMP, PANDA and Namecoin also operate in this domain
Name System Properties
Columns, in order: Suitable for personal use; Memorable; Decentralised; Modern cryptography; Understandable; Hides metadata; Transitive; Extensible

DNS:          ✗ ✓ ✗ ✗ ✗ ✗ ✓ ✗
DNSSEC:       ✗ ✓ ✗ ✗ ✗ ✗ ✓ ✗
TLS-X.509:    ✗ ✓ ✗ ✗ ✗ ✗ ✓ ✗
Web of Trust: ✓ ✗ ✓ ✗ ✗ ✗ ✓ ✗
TOFU:         ✓ ✗ ✓ ✓ ✓ ✗ ✗
SMP/PANDA:    ✓ ✗ ✓ ✓ ✓ ✓ ✗ ✗
Namecoin:     ✗ ✓ ✗ ✓ ✓ ✗ ✓ ✗
GNS:          ✓ ✓ ✓ ✓ ✓ ✓ ✓ ✓
The GNU Name System [1]
Properties of GNS
- Decentralized name system with secure memorable names
- Delegation used to achieve transitivity
- Supports globally unique, secure identifiers
- Achieves query and response privacy
- Provides alternative public key infrastructure
- Interoperable with DNS
New applications enabled by GNS
- Name services hosted in P2P networks
- Name users in decentralized social networking applications
[1] Joint work with Martin Schanzenbach and Matthias Wachs
Name resolution in GNS
[Diagram: Bob, holding the key pair $K^{Bob}_{pub}$ / $K^{Bob}_{priv}$, and Bob's webserver. Local Zone: www A 5.6.7.8]
- Bob can locally reach his webserver via www.gnu
Secure introduction
Bob Builder, Ph.D.
Address: Country, Street Name 23
Phone: 555-12345 Mobile: 666-54321
Mail: [email protected]
- Bob gives his public key to his friends, possibly via QR code
Delegation
- Alice learns Bob’s public key
- Alice creates delegation to zone $K^{Bob}_{pub}$ under label bob
- Alice can reach Bob’s webserver via www.bob.gnu
Name Resolution
[Diagram: Bob, Alice and the DHT. Zone 8FS7 (Bob) contains "www A 5.6.7.8"; zone A47G (Alice) contains "bob PKEY 8FS7". Numbered steps:]
0. PUT 8FS7-www: 5.6.7.8
1. www.bob.gnu ?
2. 'bob'?
3. PKEY 8FS7!
4. 8FS7-www?
5. A 5.6.7.8!
Query Privacy: Terminology
- $G$: generator in ECC curve, a point
- $n$: size of ECC group, $n := |G|$, $n$ prime
- $x$: private ECC key of zone ($x \in \mathbb{Z}_n$)
- $P$: public key of zone, a point $P := xG$
- $l$: label for record in a zone ($l \in \mathbb{Z}_n$)
- $R_{P,l}$: set of records for label $l$ in zone $P$
- $q_{P,l}$: query hash (hash code for DHT lookup)
- $B_{P,l}$: block with encrypted information for label $l$ in zone $P$ published in the DHT under $q_{P,l}$
Query Privacy: Cryptography
Publishing records $R_{P,l}$ as $B_{P,l}$ under key $q_{P,l}$

$h := H(l, P)$ (1)
$d := h \cdot x \bmod n$ (2)
$B_{P,l} := S_d(E_{HKDF(l,P)}(R_{P,l})),\ dG$ (3)
$q_{P,l} := H(dG)$ (4)

Searching for records under label $l$ in zone $P$

$h := H(l, P)$ (5)
$q_{P,l} := H(hP) = H(hxG) = H(dG) \Rightarrow$ obtain $B_{P,l}$ (6)
$R_{P,l} = D_{HKDF(l,P)}(B_{P,l})$ (7)
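Equations (1)-(7) carried out end to end, as an added example that is not code from GNUnet or from the slides. Assumptions: secp256k1 stands in for the curve, which the slides do not name; SHA-2 stands in for H, an HMAC keystream for E/D under HKDF(l, P), and a Schnorr signature for S_d; all function names are hypothetical.

```python
import hashlib
import hmac
import secrets

# Assumption: secp256k1 stands in for the "ECC curve" of the slides, which
# they do not name. None represents the point at infinity.
FP = 2**256 - 2**32 - 977
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)


def add(p, q):
    """Affine point addition on y^2 = x^3 + 7 over F_p."""
    if p is None or q is None:
        return p or q
    (x1, y1), (x2, y2) = p, q
    if x1 == x2 and (y1 + y2) % FP == 0:
        return None
    if p == q:
        lam = 3 * x1 * x1 * pow(2 * y1, -1, FP) % FP
    else:
        lam = (y2 - y1) * pow((x2 - x1) % FP, -1, FP) % FP
    x3 = (lam * lam - x1 - x2) % FP
    return x3, (lam * (x1 - x3) - y1) % FP


def mul(k, point):
    """Double-and-add scalar multiplication (not constant time)."""
    acc = None
    while k:
        if k & 1:
            acc = add(acc, point)
        point = add(point, point)
        k >>= 1
    return acc


def enc(point):
    return point[0].to_bytes(32, "big") + point[1].to_bytes(32, "big")


def to_scalar(*parts):  # hash byte strings into Z_n
    return int.from_bytes(hashlib.sha512(b"".join(parts)).digest(), "big") % N


def crypt(label, zone, data):
    """Stand-in for E/D under HKDF(l, P): XOR with an HMAC-SHA256 keystream."""
    key = hmac.new(enc(zone), label.encode(), hashlib.sha256).digest()
    pad = b"".join(hmac.new(key, i.to_bytes(4, "big"), hashlib.sha256).digest()
                   for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, pad))


def publish(x, label, records):
    """Zone owner, equations (1)-(4): returns (q, B) for the DHT."""
    zone = mul(x, G)                                   # P := xG
    d = to_scalar(label.encode(), enc(zone)) * x % N   # d := h * x mod n
    derived = mul(d, G)                                # dG
    ciphertext = crypt(label, zone, records)
    k = secrets.randbelow(N - 1) + 1                   # Schnorr stand-in for S_d
    r_point = mul(k, G)
    s = (k + to_scalar(enc(r_point), enc(derived), ciphertext) * d) % N
    return hashlib.sha256(enc(derived)).digest(), (ciphertext, r_point, s, derived)


def query_hash(zone, label):
    """Resolver, equations (5)-(6): q = H(hP), computed from public data only."""
    return hashlib.sha256(enc(mul(to_scalar(label.encode(), enc(zone)), zone))).digest()


def resolve(zone, label, dht):
    """Fetch B under q, check it is signed by the derived key hP, decrypt (7)."""
    block = dht.get(query_hash(zone, label))
    if block is None:
        return None
    ciphertext, r_point, s, derived = block
    e = to_scalar(enc(r_point), enc(derived), ciphertext)
    expected = mul(to_scalar(label.encode(), enc(zone)), zone)
    if derived != expected or mul(s, G) != add(r_point, mul(e, derived)):
        raise ValueError("block is not signed by the key derived from zone and label")
    return crypt(label, zone, ciphertext)


if __name__ == "__main__":
    x = secrets.randbelow(N - 1) + 1
    q, block = publish(x, "www", b"A 5.6.7.8")
    print(resolve(mul(x, G), "www", {q: block}))
```

The DHT node stores only `q` and the block: without knowing both the zone key P and the label it can neither recompute `q` for a guess nor derive the decryption key.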
Is this it?
Sometime in 2013...
The NEWGNU Network (very simplified)
[Diagram: two protocol stacks side by side, listed top to bottom]
Internet: DNS/X.509, TCP/UDP, IP/BGP, Ethernet, Phys. Layer
GNUnet: Applications, GNU Name System, CADET (AXOLOTL), R5N DHT, CORE (OTR), HTTPS/TCP/WLAN/...
Applications?
- Anonymous file-sharing
- Conversation
- Electronic voting (WiP)
- Messaging (WiP)
- News distribution (WiP)
- Social networking (WiP)
- Payment (WiP)
GNU Taler
Modern economies need a currency.
Motivation
Modern economies need a currency online.
SWIFT?
SWIFT/Mastercard/Visa are too transparent.
This was a question posed to RAND researchers in 1971:
“Suppose you were an advisor to the head of the KGB, the Soviet Secret Police. Suppose you are given the assignment of designing a system for the surveillance of all citizens and visitors within the boundaries of the USSR. The system is not to be too obtrusive or obvious. What would be your decision?”
The result: an electronic funds transfer system that looks strikingly similar to today’s debit card system.
Let’s make cash digital and socially responsible.
Taxable, Anonymous, Libre, Practical, Resource Friendly
Architecture of GNU Taler
[Diagram: Mint, Customer, Merchant and Auditor, with arrows labelled "withdraw coins", "spend coins", "deposit coins" and "verify"]
Blind Signatures (Chaum)
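Mint picks primes $p$ and $q$, random $e$ and a $d$ such that:
$de \equiv 1 \mod (p - 1)(q - 1)$ (8)
[Diagram: Customer and Mint over time]
- $N := p \cdot q$, $e$
- $m' := c r^e \bmod N$ ($c$ coin, $r$ random)
- $s' := (m')^d \bmod N$
[Diagram: Merchant and Mint]
- $s := s' \cdot r^{-1} \bmod N$, $c$
- $s^e \stackrel{?}{=} c \bmod N$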
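The blind-signature exchange above as an added example (not code from GNU Taler), including the check that shows why the mint cannot link a deposit to a withdrawal: every withdrawal transcript (m', s') is consistent with every valid coin for some r. Assumptions: the toy key built from two Mersenne primes, the hash-derived coin value c and all function names.

```python
import hashlib
import math
import secrets

# Constructed toy key (assumption): two Mersenne primes, far too small for real use.
P_PRIME, Q_PRIME = 2**61 - 1, 2**89 - 1
N = P_PRIME * Q_PRIME
E = 65537
D = pow(E, -1, (P_PRIME - 1) * (Q_PRIME - 1))   # de = 1 mod (p-1)(q-1), eq. (8)


def coin_value(coin_id: bytes) -> int:
    """Assumption: the coin c is a hash of a coin identifier, reduced mod N."""
    return int.from_bytes(hashlib.sha256(coin_id).digest(), "big") % N


def blind(c: int):
    """Customer: m' := c * r^e mod N, with r random and invertible mod N."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if math.gcd(r, N) == 1:
            return c * pow(r, E, N) % N, r


def mint_sign(m_blinded: int) -> int:
    """Mint: s' := (m')^d mod N. The mint sees m', never c."""
    return pow(m_blinded, D, N)


def unblind(s_blinded: int, r: int) -> int:
    """Customer: s := s' * r^-1 mod N."""
    return s_blinded * pow(r, -1, N) % N


def verify(s: int, c: int) -> bool:
    """Merchant, and mint at deposit: s^e ?= c mod N."""
    return pow(s, E, N) == c


def withdraw(coin_id: bytes):
    """Full withdrawal: returns the coin (c, s) and the mint's view (m', s')."""
    c = coin_value(coin_id)
    m_blinded, r = blind(c)
    s_blinded = mint_sign(m_blinded)
    return (c, unblind(s_blinded, r)), (m_blinded, s_blinded)


def consistent_with(mint_view, coin) -> bool:
    """Is there an r that maps this coin onto this withdrawal transcript?

    r = s' * s^-1 mod N always works for a valid coin, so the answer carries
    no information about which withdrawal produced which coin.
    """
    (m_blinded, s_blinded), (c, s) = mint_view, coin
    r = s_blinded * pow(s, -1, N) % N
    return c * pow(r, E, N) % N == m_blinded


if __name__ == "__main__":
    coin_a, view_a = withdraw(b"constructed coin A")
    coin_b, view_b = withdraw(b"constructed coin B")
    print("coin A valid:", verify(coin_a[1], coin_a[0]))
    print("view A fits coin A:", consistent_with(view_a, coin_a))
    print("view A fits coin B:", consistent_with(view_a, coin_b))
```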
Questions? Answers!
- http://www.decentralise.rennes.inria.fr/
- https://gnunet.org/videos
- http://www.taler.net/
- https://pond.imperialviolet.org/