dylanwinn Posted October 2, 2010 Share Posted October 2, 2010 I am about to describe a concept for a piece of software which I have been contemplating for quite a while. If a similar piece of software exists, please tell me; if not, then this thread will be dedicated to debating the design (and hopefully proof-of-concept) of said software. If you see any problems (especially security flaws), please speak up! First off, you and your closest friends would meet by some secure means and have a key-sharing party. You would pair with each other person individually, generate an AES key pair, and then swap public keys and IP addresses. Lather, rinse, repeat. By the end of the meeting, each person would have a key which could only be used to contact one other person, which would be known only to them and that person. This stage need not be automated. Then, you would enter the keys and matching addresses into the program, which would proceed to send your handle and IP address to the IP entered, encrypted with matching key, and wait for a similar response from that IP, encrypted with the correct public key. This establishes a verified secure connection with that person, using the handle and IP to ensure against a man-in-the middle attack. This would be repeated for each person you paired with earlier, establishing a network of trust, to be labeled "friends". Now, things start to get complicated. Every so often, you and each of your friends would compare buddy lists (handles only at this stage). If you find someone on your friend's list who is not on yours, then you meet with them using your friend as a proxy. You each connect to your mutual friend using your unique keys, and he forwards traffic between you. At this point, a temporary secure connection is established (inside of the secure proxy), so that your mutual friend will not be able to spy on you (note that he could inject information, but we'll trust him not to). The key-sharing party from before would then be repeated in private, and this new friend would be added to a separate network of trust, to be labeled "friends of friends", kept separate because you may not trust your friends' friends as much as they do. When you meet friends of friends of friends (3 layers of separation or more), they are added to an "everyone else" group, with even less trust. At this point, the software would keep track of your friends, informing you when they are offline or online, when their IP or handle changes, etc. On top of this, it would allow for secure messaging, file sharing, and VPNs between specific people, whole groups, or everyone. All data would be sent directly to its destination, eliminating the encumbering "onion" of Tor and Freenet at the sacrifice of anonymity. Quote Link to comment Share on other sites More sharing options...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.