BitShares Forum
Main => General Discussion => Topic started by: luckybit on December 10, 2015, 12:04:47 am
-
This is an idea for review.
@Stan
@bytemaster
@xeroc
@AOnk
@bitacer
@ebit
@Thom
@Soepkip
@fuzzy
A new secure messaging breakthrough just happened allowing for secure communication beyond what Tor is capable of, which is also resistant to timing analysis and MITM type attacks. It's resistant to surveillance even if all of the Internet is being monitored in real time.
Bitshares should be the first to implement this and the fees from using this should go to the people who funded it. I think this feature would be far more popular than Stealth transactions, but also generate a ridiculous amount of fees. It would of course require very small fees but when you want privacy you might be willing to pay a fraction of a cent to a cent per message.
The breakthrough paper is here: https://people.csail.mit.edu/nickolai/papers/vandenhooff-vuvuzela.pdf
It's called Vuvuzela. The idea is to take the innovations from it's design to create a Bitshares community exclusive UIA to crowd donation, which can create an app which goes beyond transferring value and which can be a mainstream app.
Less technical explanation: (http://images.sciencedaily.com/2015/12/151207113957_1_540x360.jpg)
http://www.sciencedaily.com/releases/2015/12/151207113957.htm
http://news.mit.edu/2015/untraceable-anonymized-communication-guaranteed-1207
As is customary I've attached a poll. The data from the poll will inform the community on the level of demand and on what to do next.
-
If enough people think this is a good idea, I would also say, while Vuvuzela is pretty good in that it is statistically secure, the Graphene technology allows for so much more. How can we go far beyond what they did while also making sure it's not too expensive for developers to build?
The goal should be to create the Marketing -> "Most Secure Messaging On Earth" <- Marketing.
And to do that we will have to use a technique of "idea mining". If you think this idea is good, and you've read the white paper, and you're familiar with cryptography and the academic literature behind secure communications, then you're recruited to improve on the breakthroughs of Vuvuzela with any ideas or breakthroughs you can find.
I'm asking for a crowdsourced research project to use this thread as a home base. This way the best ideas can be in one place for developers if this ever becomes an FBA backed technology.
(http://images.techhive.com/images/idge/imported/article/ctw/2012/10/29/innovation_focus-100391757-orig.jpg)
-
+5%
-
Absolutely!
-
@luckybit you should definitely check out "Linear Random Network Coding" or network coding in general.
This in combination with Shamir Secret Sharing rate-less codes could maybe be extended to an even more powerfull decentralized communications platform ..
I will think more about it
-
please make it happen! +5%
-
Why is this better than the memo encryption we have in bitshares right now?
-
Why is this better than the memo encryption we have in bitshares right now?
How would memo encryption prevent someone with an ability to analyze traffic to see who you're sending messages to? Could your ISP see it? Could anyone see it?
Memo encryption while I don't have the details on it, if it's just encryption then it's not going to be enough. It's not just important that you're encrypted but more that you're immune to all forms of analysis. If it's not possible to know who sent or received what then you're far more secure. Alice and Bob would need to be able to communicate in the dead drop method where no one can link Alice to Bob.
And this would also be something which can be a mainstream app which is completely separate from financial services or anything like that. It would be for people who need secure communications and who are willing to pay for privacy through micropayments. In theory perhaps it could be built into websites or be an app on mobile phones, with no link to Bitshares at all but which would still provide fees to the network.
If you know a lot about encrypted memos, your knowledge could be useful to design something far better than that. The goal is to be the "Most Secure Messaging On Earth". There are a lot of different technologies to review and research such as DTNs (disruption tolerant networking), which can actually integrate into an Internet of Things, so that by paying micropayments to various things your messages can be relayed like how a DTN would do it.
Of course all of this would depend on how much of a budget there is, and if it's a FBA then if it's a very popular feature it would pay for itself and have enough of a budget so that it literally can evolve into the "Most Secure Messaging On Earth".
-
Using the "drop box" approach does not solve the "routing" problem unless you use the same drop box over and over. In which case the problem can be described as:
How do I put information "X" into public mailbox "Y" without anyone knowing I was the one putting the message there.
A second question is how do I check mailbox "Y" without anyone knowing I am the one checking it.
The solution is for me to put my message in an envelope, then put the envelope inside another envelope, and lastly put that inside yet another envelope. I then mail the message, the first recipient opens it and "re-mails it", the second recipient does the same. This is how remailing works in the physical world (where it is grey market / illegal).
The only difference here is that the remailer batches messages and then adds bogus messages into the mix. This means that second remailer cannot correlate inputs to the source with outputs.
The final destination for all mail would be the blockchain which is replicated in such a manner that users can check their mail without revealing which mailbox they are looking at.
The challenges posed by this protocol include:
1. How do the remailers get paid?
2. How is payment made in such a way that doesn't compromise the intended goal?
3. How do you verify the remailer doesn't just drop your message after taking payment?
4. What size should every message be, they must all be the same size or patterns can be detected / correlated.
Lastly, and most significantly, how much does this degrade the user experience? If it degrades it much at all then your target audience is greatly reduced.
In fact, I would argue that BitMessage is already sufficient for this market (with a better UI perhaps).
-
How would memo encryption prevent someone with an ability to analyze traffic to see who you're sending messages to? Could your ISP see it? Could anyone see it?
Indeed it does not. I guess my point is that the anonymity features implemented by the blockchain ought to be enough to cover all possibilities. If they're not, then its not true anonymity. You don't need a new protocol for that. Bitshares design needs to be good enough to cover it.
-
I was under the impression that memo is unbreakable at least until today .....
-
I was under the impression that memo is unbreakable at least until today .....
They can't see what you said, but they can see who you said it to and when. That alone is often enough.
-
I think encryption is all that is needed.. They will know you send messages but cannot prove what you say and that is all that matters. Analyzing more and trying to prove more is a waste of resources imo.
-
As linked from the whitepaper
https://www.youtube.com/watch?v=kV2HDM86XgI&t=17m50s (https://www.youtube.com/watch?v=kV2HDM86XgI&t=17m50s)
For anyone without access to youtube, or that doesn't want to click and watch for 20 seconds. This is a video of Michael Hayden saying that the USG kills people based on metadata.
-
The final destination for all mail would be the blockchain
You need to read the paper more carefully -- you're no longer talking about Vuvuzela, but some hypothetical blockchain-based system that does things differently than Vuvuzela. Vuvuzela's critical contribution is that it's scalable because it doesn't broadcast messages. If you put messages on the blockchain, you're not only broadcasting them (which is more expensive than the way Vuvuzela does it) but requiring the broadcast nodes to archive them (broadcasting and archiving is even more expensive than broadcasting).
OP idea doesn't really specify how Vuvuzela protocol would interact with the blockchain or what would give the asset any value.
-
I think you should amend your poll options to allow for doing it so as not to interfere with other work talking place, such as getting the UI / UX in better shape so it's more attractive to traders and easy to use for all.
I'm happy to see the progress is moving right along, thanks to the efforts of Jakub & Bill Buttler, an of course the devs doing the actual work.
I have read the papers on Vuvuzela and think this is an excellent candidate to extend our ecosystem. Perhaps it could be adapted for use with web servers for truly anonymous browsing, which if that can be done provides another layer of security for web wallets,
In general I'm in favor of using this technology, but it should not impact efforts currently underway. An FBA could accomplish that if devs other than the core devs or those already working to complete current efforts, were recruited or found to do this work.
Realistically, I'm not sure it's reasonable to expect that such an FBA would not have some impact on current efforts, if nothing else discussion about API and code to integrate this new feature. Without more examples, tutorials and documentation efforts like this cannot be purely independent.
-
Using the "drop box" approach does not solve the "routing" problem unless you use the same drop box over and over. In which case the problem can be described as:
How do I put information "X" into public mailbox "Y" without anyone knowing I was the one putting the message there.
A second question is how do I check mailbox "Y" without anyone knowing I am the one checking it.
The solution is for me to put my message in an envelope, then put the envelope inside another envelope, and lastly put that inside yet another envelope. I then mail the message, the first recipient opens it and "re-mails it", the second recipient does the same. This is how remailing works in the physical world (where it is grey market / illegal).
The only difference here is that the remailer batches messages and then adds bogus messages into the mix. This means that second remailer cannot correlate inputs to the source with outputs.
The final destination for all mail would be the blockchain which is replicated in such a manner that users can check their mail without revealing which mailbox they are looking at.
The challenges posed by this protocol include:
1. How do the remailers get paid?
2. How is payment made in such a way that doesn't compromise the intended goal?
3. How do you verify the remailer doesn't just drop your message after taking payment?
4. What size should every message be, they must all be the same size or patterns can be detected / correlated.
Lastly, and most significantly, how much does this degrade the user experience? If it degrades it much at all then your target audience is greatly reduced.
In fact, I would argue that BitMessage is already sufficient for this market (with a better UI perhaps).
Bitmessage is decent but it doesn't use the Bitshares blockchain. Bitmessage is funded on the donation model.
You of course could use something very similar to Bitmessage but could it work over Bitshares?
Anyway
http://blog.acolyer.org/2015/10/23/vuvuzela-scalable-private-messaging-resistant-to-traffic-analysis/
-
The final destination for all mail would be the blockchain
You need to read the paper more carefully -- you're no longer talking about Vuvuzela, but some hypothetical blockchain-based system that does things differently than Vuvuzela. Vuvuzela's critical contribution is that it's scalable because it doesn't broadcast messages. If you put messages on the blockchain, you're not only broadcasting them (which is more expensive than the way Vuvuzela does it) but requiring the broadcast nodes to archive them (broadcasting and archiving is even more expensive than broadcasting).
OP idea doesn't really specify how Vuvuzela protocol would interact with the blockchain or what would give the asset any value.
It's all up for discussion. I do think it can be monetized via the Internet of things but I don't know if it would have to be done over Bitshares or over a DAG like Iota.
-
As linked from the whitepaper
https://www.youtube.com/watch?v=kV2HDM86XgI&t=17m50s (https://www.youtube.com/watch?v=kV2HDM86XgI&t=17m50s)
For anyone without access to youtube, or that doesn't want to click and watch for 20 seconds. This is a video of Michael Hayden saying that the USG kills people based on metadata.
And their families wouldn't stand up and tell the world that they had no proof? I don't think that anything that not proving that someone did or said something woudl be used to get rid of people even for the power monger USG.
-
The only way to bring this into bitshares (which makes any sense) is to do nothing and wait for proper anonymity to be implemented in bitshares transactions. Then you just send a memo and you're done.
-
The only way to bring this into bitshares (which makes any sense) is to do nothing and wait for proper anonymity to be implemented in bitshares transactions. Then you just send a memo and you're done.
But does it scale? How much data is contained in a memo?
-
The only way to bring this into bitshares (which makes any sense) is to do nothing and wait for proper anonymity to be implemented in bitshares transactions. Then you just send a memo and you're done.
But does it scale? How much data is contained in a memo?
If it doesn't scale, then bitshares doesn't scale either.
-
The only way to bring this into bitshares (which makes any sense) is to do nothing and wait for proper anonymity to be implemented in bitshares transactions. Then you just send a memo and you're done.
But does it scale? How much data is contained in a memo?
If it doesn't scale, then bitshares doesn't scale either.
Is there any possible way that any MITM attack can happen? Can anyone find out who is sending messages to who, or who is checking their messages and when? Encryption doesn't go far enough.
-
Is there any possible way that any MITM attack can happen? Can anyone find out who is sending messages to who, or who is checking their messages and when? Encryption doesn't go far enough.
See the stealth transfers proposal. The only place this proposal is lacking is that the sender and recipient can prove a connection between themselves if they so chose.
-
@bytemaster
Here is the source code: https://github.com/davidlazar/vuvuzela
Elucidate what you can from it.