
Automated Network Of Trust


dylanwinn


I am about to describe a concept for a piece of software which I have been contemplating for quite a while. If a similar piece of software exists, please tell me; if not, then this thread will be dedicated to debating the design (and hopefully proof-of-concept) of said software. If you see any problems (especially security flaws), please speak up!

First off, you and your closest friends would meet by some secure means and have a key-sharing party. You would pair with each other person individually, generate an AES key pair, and then swap public keys and IP addresses. Lather, rinse, repeat. By the end of the meeting, each person would have a key which could only be used to contact one other person, which would be known only to them and that person. This stage need not be automated.

Then, you would enter the keys and matching addresses into the program, which would proceed to send your handle and IP address to the IP entered, encrypted with the matching key, and wait for a similar response from that IP, encrypted with the correct public key. This establishes a verified secure connection with that person, using the handle and IP to ensure against a man-in-the-middle attack. This would be repeated for each person you paired with earlier, establishing a network of trust, to be labeled "friends".

Now, things start to get complicated. Every so often, you and each of your friends would compare buddy lists (handles only at this stage). If you find someone on your friend's list who is not on yours, then you meet with them using your friend as a proxy. You each connect to your mutual friend using your unique keys, and he forwards traffic between you. At this point, a temporary secure connection is established (inside of the secure proxy), so that your mutual friend will not be able to spy on you (note that he could inject information, but we'll trust him not to). The key-sharing party from before would then be repeated in private, and this new friend would be added to a separate network of trust, to be labeled "friends of friends", kept separate because you may not trust your friends' friends as much as they do. When you meet friends of friends of friends (3 layers of separation or more), they are added to an "everyone else" group, with even less trust.

At this point, the software would keep track of your friends, informing you when they are offline or online, when their IP or handle changes, etc. On top of this, it would allow for secure messaging, file sharing, and VPNs between specific people, whole groups, or everyone. All data would be sent directly to its destination, eliminating the encumbering "onion" of Tor and Freenet at the sacrifice of anonymity.

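The handle-and-IP exchange described in the post above, sketched as an added example that is not part of the original post or of any existing software. It authenticates the hello with HMAC-SHA256 from the Python standard library instead of encrypting it, and it adds a fresh challenge nonce so an old hello cannot be accepted again. Assumptions: one 32-byte symmetric key per pair from the key-sharing party; the function names, message layout, handles and addresses are hypothetical.

```python
import hashlib
import hmac
import json
import secrets

TAG_LEN = 32  # HMAC-SHA256 output size


def make_hello(psk, handle, ip, peer_nonce):
    """Build a hello bound to the challenge nonce the peer just sent us."""
    body = json.dumps(
        {"handle": handle, "ip": ip, "nonce": peer_nonce.hex()}, sort_keys=True
    ).encode()
    return hmac.new(psk, body, hashlib.sha256).digest() + body


def verify_hello(psk, msg, my_nonce, expected_handle):
    """Return the announced IP if the hello is authentic and fresh, else None."""
    tag, body = msg[:TAG_LEN], msg[TAG_LEN:]
    expected = hmac.new(psk, body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None  # wrong pairwise key, or modified in transit
    fields = json.loads(body)
    if fields["nonce"] != my_nonce.hex():
        return None  # answers an old challenge: a replayed hello
    if fields["handle"] != expected_handle:
        return None  # signed with our shared key but not by the peer we expect
    return fields["ip"]


def demo():
    # Constructed sample data: one key per pair, documentation-range addresses.
    psk = secrets.token_bytes(32)
    alice_nonce = secrets.token_bytes(16)
    bob_nonce = secrets.token_bytes(16)
    from_bob = make_hello(psk, "bob", "192.0.2.20", alice_nonce)
    from_alice = make_hello(psk, "alice", "192.0.2.10", bob_nonce)
    return {
        "alice_accepts_bob": verify_hello(psk, from_bob, alice_nonce, "bob"),
        "bob_accepts_alice": verify_hello(psk, from_alice, bob_nonce, "alice"),
        "replayed": verify_hello(psk, from_bob, secrets.token_bytes(16), "bob"),
        "wrong_handle": verify_hello(psk, from_alice, bob_nonce, "bob"),
    }


if __name__ == "__main__":
    print(demo())
```
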

I definitely like the concept of a VPN software that is PSK based.


Erm, "OpenVPN allows peers to authenticate each other using a pre-shared secret key, certificates, or username/password" (http://en.wikipedia.org/wiki/OpenVPN). Of course, all of that goes through SSL, so I guess that's not exactly what you were after.

Aside from that, plus lack of Linux support and the broken web site, WASTE seems to be pretty much exactly what I'm after. Thanks for the heads up!

