Ian,
Thanks. Tell me what a better forum would be and I' ll gladly move this discussion there.
Your suggestion does use encryption if only as a catalyst. There was a time when encrypted content could not be sent to Canada from the US and I can imagine some governments forbidding the use of encryption.
Harvesting keywords from k messages of length n takes O(n.k) time and space, possibly with some large constants. If the messages are scrambled hopefully it would take O(k.n.log(n)) time to harvest them. What would really help imho with mass snooping would be a transfer method that requires O(k.log(k).n) time for any form of keyword harvesting. I don' t have an answer, hence the contest.
Another approach might be to string every m-th bit of a message of n bits, where m an n are relatively prime, cyclically.
Best of luck with Tor.
Cheers,
Joel
------------------------------ On Thu, Oct 3, 2013 2:58 PM PDT Ian Goldberg wrote:
On Thu, Oct 03, 2013 at 02:34:50PM -0700, Malard Joel wrote:
Do you think that the code at https://github.com/malardj/ slice, that uses neither encryption nor a password, could help a community proof their communications from massive systemic eavesdropping by making the latter computationally impractical or financially unsustainable? Do you think that a tool like that would be valuable if it existed? Would you think of some yourself that everyone could use?
I am unaffiliated with any institution but I would like to setup a contest for the best such algorithm or procedure that does not involve cryptography and that can be implemented by any group of ordinary citizens for the purpose of proofing their Internet communications of ASCII characters from systemic eavesdropping.
I need help setting up the rules of competition ( i never did this), finding judges (I am totally unqualified), finding (virtual) places where to announce and hold the competition. I would welcome your suggestion on how to make this contest more relevant to all. Can you help, or suggest where to look for help?
The code above is a quick example of the type of entries that I have in mind. It consists in a C++ program that inputs a character string, slices it and shuffles those slices into a javascript program that displays the input when it is run. The method purports to hamper the work of automated keyword harvesters. The available code does not support html text but that capacity is not be hard to add.
With best regards,
Joel Malard, PhD Fremont, CA
I don't think this is the right list for this discussion, but how about:
- Pick a 128-bit random key K
- Encrypt the message using key K with, say, AES-GCM or your favourite
authenticated encryption mode to yield the ciphertext C (including tag)
- randomize the last b bits of K to yield K', for some b, probably
around 30, but could be anything from 0 to 40ish.
- output K' concatenated with C
Notably, you don't output b. The receiver just runs a counter X up from 0 until C authenticates using the key (K' XOR X). b controls how long this will take, but the receiver doesn't know it. (There was a password-stretching algorithm like that in USENIX Security (I think it was) a little while ago; the adversary doesn't know how many iterations to wait before giving up / trying another password.) The high part of K acts like a salt.
It's kind of like the old Lotus Notes encryption, in that the NSA got to know the high part of the key, and just had to brute the low 40 bits, only now the receiver has to brute it as well. It's not technically encryption, as there's no shared or public key. But there's also no key management, of course.
- Ian
tor-dev mailing list tor-dev@lists.torproject.org https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev