[tor-dev] Tools of Mass Obfuscation or where are my internet curtains?
malardj2002 at yahoo.com
Fri Oct 4 06:24:59 UTC 2013
Thanks. Tell me what a better forum would be and I' ll gladly move this discussion there.
Your suggestion does use encryption if only as a catalyst. There was a time when encrypted content could not be sent to Canada from the US and I can imagine some governments forbidding the use of encryption.
Harvesting keywords from k messages of length n takes O(n.k) time and space, possibly with some large constants. If the messages are scrambled hopefully it would take O(k.n.log(n)) time to harvest them. What would really help imho with mass snooping would be a transfer method that requires O(k.log(k).n) time for any form of keyword harvesting. I don' t have an answer, hence the contest.
Another approach might be to string every m-th bit of a message of n bits, where m an n are relatively prime, cyclically.
Best of luck with Tor.
On Thu, Oct 3, 2013 2:58 PM PDT Ian Goldberg wrote:
>On Thu, Oct 03, 2013 at 02:34:50PM -0700, Malard Joel wrote:
> Do you think that the code at https://github.com/malardj/ slice, that uses neither encryption nor a password, could help a community proof their communications from massive systemic eavesdropping by making the latter computationally impractical or financially unsustainable? Do you think that a tool like that would be valuable if it existed? Would you think of some yourself that everyone could use?
> I am unaffiliated with any institution but I would like to setup a contest for the best such algorithm or procedure that does not involve cryptography and that can be implemented by any group of ordinary citizens for the purpose of proofing their Internet communications of ASCII characters from systemic eavesdropping.
> I need help setting up the rules of competition ( i never did this), finding judges (I am totally unqualified), finding (virtual) places where to announce and hold the competition. I would welcome your suggestion on how to make this contest more relevant to all. Can you help, or suggest where to look for help?
> With best regards,
> Joel Malard, PhD
> Fremont, CA
>I don't think this is the right list for this discussion, but how about:
>- Pick a 128-bit random key K
>- Encrypt the message using key K with, say, AES-GCM or your favourite
> authenticated encryption mode to yield the ciphertext C (including
>- randomize the last b bits of K to yield K', for some b, probably
> around 30, but could be anything from 0 to 40ish.
>- output K' concatenated with C
>Notably, you don't output b. The receiver just runs a counter X up from
>0 until C authenticates using the key (K' XOR X). b controls how long
>this will take, but the receiver doesn't know it. (There was a
>password-stretching algorithm like that in USENIX Security (I think it
>was) a little while ago; the adversary doesn't know how many iterations
>to wait before giving up / trying another password.) The high part of K
>acts like a salt.
>It's kind of like the old Lotus Notes encryption, in that the NSA got to
>know the high part of the key, and just had to brute the low 40 bits,
>only now the receiver has to brute it as well. It's not technically
>encryption, as there's no shared or public key. But there's also no key
>management, of course.
> - Ian
>tor-dev mailing list
>tor-dev at lists.torproject.org
More information about the tor-dev