

How To CryptoParty - niels_olson
http://cryptoparty.informatick.net/parties/howto

======
derrida
I've participated in 5 of these now. I've noticed new bugs, and have a new
appreciation for the art of UI design because of it. Feel free to ask any
questions or drop into the IRC at #cryptoparty on irc.oftc.net (you can
connect through Tor).

There have been 100's of them in >50 cities. It took off when the Australian
Government notified the public that they intended to increase the powers of
the intelligence agencies.

It's not so much teaching cryptography as it would be in a university or
hacker to hacker as it is teaching people all of the pitfalls and what's
hidden from the UI and what's really going on when you, say, use Tor.

~~~
niels_olson
What are some of your bugs and design improvements? I plan on attempting one
of these in the next couple of weeks.

~~~
derrida
I was mostly helping people with Tor-related stuff and didn't have time to get
a sense of the other usability issues out there in things like whole-disk
encryption and PGP.

There is a very literal UI bug that is also a security problem in the Tor
Browser Bundle. If you resize the Firefox window, you increase your browser's
uniqueness & thus make yourself easier to identify. Try this by switching off a
toolbar and noticing the difference at panopticlick.eff.org

Getting a piece of software like Pidgin to work through Tor was a challenge
for many. The concepts of 'localhost' and sockets and a TCP stream were
challenging to get across. I don't really know the answer to this problem.
These are hard issues to solve with software and the best we've got so far, I
think, is education. If I had to imagine a piece of software: something like a
packet filter that could go into 'incognito mode', set up a transparent proxy
and automatically flag packets that could reduce one's anonymity or reveal
one's identity, then recommend steps to take in the relevant applications to
get around that. It's not a completely thought through idea but maybe someone
will come along and read this and it would spark the solution in their mind.

There are more bugs than people, check out trac.torproject.org and see what
you can do. The #tor IRC channel on irc.oftc.net &
tor-talk@lists.torproject.org are good places to ask questions.
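
The window-size point above, as an added example that is not part of the original comment: it measures how many bits of identifying information a window size carries in a constructed visitor sample, and how rounding sizes to coarse buckets (an illustrative mitigation assumed here) restores a shared anonymity set. All sizes and the `bucket` helper are hypothetical.

```python
import math
from collections import Counter

# Constructed sample: content-window (width, height) for ten visitors.
# Eight kept the default window; one switched off a toolbar (taller
# content area) and one resized the window by hand.
VISITORS = [(1000, 600)] * 8 + [(1000, 628), (1317, 811)]


def anonymity_sets(fingerprints):
    """Map each distinct fingerprint to the number of visitors sharing it."""
    return Counter(fingerprints)


def surprisal_bits(fingerprint, fingerprints):
    """Identifying information in bits: -log2(share of visitors with this value)."""
    share = anonymity_sets(fingerprints)[fingerprint] / len(fingerprints)
    return -math.log2(share)


def bucket(size, step=100):
    """Round each dimension down to a multiple of `step` (assumed mitigation)."""
    return tuple(d - d % step for d in size)


def compare(fingerprints):
    """Return {fingerprint: (anonymity set size, bits)} for every distinct value."""
    sets = anonymity_sets(fingerprints)
    return {fp: (n, surprisal_bits(fp, fingerprints)) for fp, n in sets.items()}


if __name__ == "__main__":
    print("raw sizes:")
    for fp, (n, bits) in compare(VISITORS).items():
        print(f"  {fp}: shared by {n}, {bits:.2f} bits")
    print("bucketed sizes:")
    for fp, (n, bits) in compare([bucket(v) for v in VISITORS]).items():
        print(f"  {fp}: shared by {n}, {bits:.2f} bits")
```

In the raw sample the visitor who switched off a toolbar is alone in their anonymity set; after bucketing they are indistinguishable from the default-size visitors, while the hand-resized window still stands out.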

~~~
thomasbk
The answer to things like the Pidgin configuration issue you mentioned could
be [https://tails.boum.org/](https://tails.boum.org/) -- a live USB
distribution that runs all traffic through Tor, and comes with Pidgin
preinstalled and preconfigured. It has optional encrypted persistence too.

~~~
derrida
Yes, I did show some people through this too. However, it's not usable as an
everyday operating system for, say, researchers such as academics, or
journalists.

------
blackaspen
While I'm all for propagating the knowledge of cryptography, there was a kid
in High School who would walk around handing his public key out to people on slips
of paper. That wasn't terribly effective for him.

~~~
niels_olson
Here's my issue with that, and, hey, I sort of agree, I have found pgp to be
useful among hackers, but no one outside that circle has any interest in it,
even my mom, the college math teacher.

But is this where the technorati has failed to fill their real social
obligation? Are we the new Russian intellectuals who failed to engage the
people? Are we so self-absorbed in navel-gazing on Hacker News that we fail to
actually execute on the one idea that matters? If we can't restore the
security of communications, how will history judge us?

~~~
stinkytaco
I love PGP, but I would think that history would judge us for not developing
something more accessible rather than for not spreading PGP. Even I, a PGP
user and geek, access my email via Gmail web or my phone's app most of the
time rather than via my IMAP client because most people I communicate with
don't use PGP and cannot be bothered to (because they also use webmail). And
the sad part? I don't blame them. I'm not at my computer all the time. I don't
carry it with me anymore and neither do they. They check it from work, from
their phone or wherever.

I don't have a solution for the problems that would plague a good
crypto/identity system. Centralized trusted parties? That's worked just OK for
websites and it entails a cost, and the paranoia that comes with it. An open
solution like Persona? Maybe, but I don't know how to integrate that across
browsers and devices without trust concerns.

No, I don’t know. But I do know that PGP is a lot of trouble.

~~~
jiggy2011
It's a shame facebook doesn't allow for sharing PGP keys, that would solve the
problem pretty well.

~~~
stinkytaco
It would go some of the way to solving the problem, but you've got to trust
Facebook in that exchange and I'm not sure I do. The only real way to
establish trust in PGP is in person (or over the phone if you really know the
person).

That said, I do think Facebook could go a long way to establishing a trust
infrastructure.

~~~
jiggy2011
You would to a point. However your facebook friends could verify you by
signing your public key with their private keys.

Private keys could be stored on facebook's servers but encrypted with a key
that is not sent to facebook (so all client side). The signing interface could
be built into the facebook UI (like a verify button).

So hopefully the FB API could expose public keys for use by other apps.

Not perfect, but the advantage is that people already have FB accounts linked
to their real IDs.

~~~
stinkytaco
This would all be good once trust is established. FB would basically become a
large keyserver that people already use, with an exposed API. That's a good
thought.

But I would still need to verify the trust _in person_. Otherwise, Facebook
could be the MITM.

Which is, of course, the problem with the web of trust concept being exposed
to the world at large. Too many people would simply establish trust for the
expediency. I can see someone in my high school class signing my key and thus
expecting me to do the same, without any understanding of the _point_ of the
whole business. If Facebook has shown us anything, it's that interpersonal
concepts (like "friend") can be easily eroded.

~~~
jiggy2011
Yes, you would still have to trust FB to a degree, especially in the initial
phase and they would still be serving the code that did all of the crypto so
you have issues there.

Once the trust was established though, especially with OTR it would be more
difficult for them to later start abusing it. But it's still an improvement on
FB having everything on their server under their complete control, if they
started messing with keys people would notice.

There could be a problem with people just signing any old key, but really you
just need to verify that the person is who they say they are. I think that
works 90% of the time on FB as it is, it's unlikely you'd get away with being
an imposter.

~~~
jlgaddis
> Yes, you would still have to trust FB to a degree

Lots of people trusted Hushmail "to a degree" and we saw how that turned
out...

------
Create
“You can't solve social problems with software.” (Marcus Ranum).

~~~
EthanHeilman
Yes you can, given three assumptions:

1. Social relations depend on communication flows (i.e. Marx was wrong: the
   superstructure is informational).
2. Software allows new communication flows.
3. Communication, like water, finds its own level.

Rearrange social relations by altering communications flows. Rearrange
communication flows by creating a flow that is easier than the Status Quo. The
Babylonians did this with cuneiform, the Romans did this with roads, Radio did
this, TV did this, the Internet did this. Software allows you to create new
communication flows.

The question is what social problems can be solved by reordering social
relations and to what extent these particular social relations depend on
communication flows.

~~~
stinkytaco
I would argue that none of these developments solved the social problem we're
talking about, however, i.e. keeping conversations private and creating trust.
Indeed, these developments made it worse because face to face interaction is
no longer necessary, and putting the means of communication out of your
control (either by transmitting it over a medium you don't control or simply
by making it so complicated you can't possibly control it) increases the
likelihood of the "man in the middle" either intercepting your communications
or impersonating them.

So I would say that you can reflow communication all you want, but that the
underlying problem here is trust and knowledge and those are social problems.
People either need to appreciate what these new communication flows mean
and/or establish ways to bring _their_ communications under their control
(i.e. crypto).

That said, I think the idea of establishing trust through key signing parties
(and "crypto" parties) is an interesting one. One of the key features of this
is learning from someone you likely don't know, just as when you do a key
signing party everyone requires some sort of government ID. In the end, you've
got to put your trust in _someone_, right? So, back to the social problem.

~~~
EthanHeilman
I agree, I was objecting to the general statement that “You can't solve social
problems with software.” There are social problems that are solvable with
software and social problems that are not. It is an open question which
cryptographic problems are of which class.

I would argue that provable-identity is probably solvable in software, but
that identity and utility are deeply connected notions. For instance Alice
wants to talk to Bob to satisfy some want or need. His identity is only
important to the extent that it is a necessary part of the utility of the
communication.

Generally two nodes in a network can prove that they have access to a
particular set of keys, but the system tends to fall down on proving that they
are useful to each other. A MITM attack is merely one party pretending to be
as useful to the communicator as the intended recipient. If you disagree
consider that your packets don't go directly to your bank, but are
"rebroadcast" by routers and switches along the route.

~~~
stinkytaco
I'm not following this argument. If someone is able to compromise Bob's key
and impersonate them, then the identity system has broken down. The "utility"
and "identity" are effectively the same in your argument. If I have something
I want to communicate to Bob what matters is his _identity_ not really
anything else. Thus I either need to trust the party that verifies his
identity or I need to verify the identity personally and I need to trust Bob
to maintain control of his keys.

~~~
EthanHeilman
> If I have something I want to communicate to Bob what matters is his identity
> not really anything else.

But how do you know that Bob exists and you want to talk to him? At some point
you met someone named Bob and at some point you decided you wanted to
communicate with him, but Bob as an identity really only exists in your head.
He could be named Jim, he could be someone that is pretending to be Bob, Bob
might be one of two twins both named Bob. Maybe Bob is working for your
enemies.

One way to simplify the thorny issue of identity is to look at what someone
wants out of the communication. The part of the identity Bob that matters to a
communication is the expected utility of the communication. The identity is
merely an end to that utility. For instance when you call tech support, you
are trying to solve a problem and it doesn't really matter if the person tells
you their name is Jim rather than James.

The only hard and fast identity is cryptographic identity, it can be
compromised if someone shares their secret key, but at least you know that you
are communicating with someone that has access to that secret key. That is, I
can send a message to all parties with access to the secret key, SK0. The
next question is how do I know that parties which have access to SK0 will
increase my utility via communication. That can only be built from past
actions either directly or indirectly performed by that party.

Utility of identity depends on reputation of identity. Reputation of identity
depends on past actions of identity (think stackoverflow/hackernews/silkroad).

All of which can be cryptographically proved if the identity consists merely
of access to SK0. Note, this is how identity and trust works outside of
computers.

~~~
stinkytaco
OK, I see where you are going. Using crypto and web-of-trust as an identity
system is really using it as a reputation system. I would point out, however,
that the cryptographic identity is not a "hard and fast identity", at least
not in a way that's useful. As you point out, I've met Bob, I trust Bob and
Bob's an old friend. I know Bob's cryptographic identity, but I also know that
identity could be compromised at any time. However, if I know Bob I'm much
more likely to realize that.

The reputation system tied to that identity could also be compromised, the
difference is I'm much less likely to find out until it's too late and the
potential harm to me is very high (let's say the government is operating a Silk
Road honeypot). That brings us back around to the problem of identity. If I
know and trust Bob then his utility is higher.

Which is the point of the "web of trust", it (sort of) builds that utility
system in. I personally know Bob and know he's pretty sharp. He knows Jim and
has signed Jim's key, but I don't know Jim and I'm taking Bob's word for his
identity. Jim knows someone as well and has signed their key, but now we're
getting pretty far removed from Bob. Their utility (in this case their utility
at confirming identities) is getting smaller for me. I'm less inclined to
trust them.

But Bob, Bob's an old friend.

So I see where you're going, but I still think "identity" is the critical
factor.
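
The "getting pretty far removed" reasoning in the comment above, as an added example that is not part of the original thread: a simplified hop-count model of the web of trust (not GnuPG's trust calculation) that finds how many signatures separate my key from each other key and accepts only those within a chosen depth. The graph, the names "carol" and "mallory", and `max_depth` are constructed for illustration.

```python
from collections import deque

# Constructed signature graph: signer -> keys that signer has certified.
# "me", "bob" and "jim" follow the comment; the rest are hypothetical.
SIGNATURES = {
    "me": ["bob"],
    "bob": ["jim"],
    "jim": ["carol", "bob"],          # jim signing bob back forms a cycle
    "mallory": ["carol", "mallory"],  # signs others, but nobody I trust signed her
}


def certification_depth(signatures, root):
    """Breadth-first search: fewest signatures linking `root` to each key."""
    depth = {root: 0}
    queue = deque([root])
    while queue:
        signer = queue.popleft()
        for signed in signatures.get(signer, []):
            if signed not in depth:  # first visit is the shortest path
                depth[signed] = depth[signer] + 1
                queue.append(signed)
    return depth


def accepted_keys(signatures, root, max_depth):
    """Keys reachable from `root` within `max_depth` signatures, nearest first."""
    depth = certification_depth(signatures, root)
    within = [k for k, d in depth.items() if 0 < d <= max_depth]
    return sorted(within, key=depth.get)


if __name__ == "__main__":
    for key, hops in certification_depth(SIGNATURES, "me").items():
        print(f"{key}: {hops} signature(s) away")
    print("accepted at depth 2:", accepted_keys(SIGNATURES, "me", 2))
```

A key that only signs outward, like the constructed "mallory", never becomes reachable: issuing signatures earns no trust unless someone on a path from my key has signed it.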

~~~
EthanHeilman
> So I see where you're going, but I still think "identity" is the critical
> factor.

Agreed. So how do we live in such a world and make decisions?

Do you trust Bob's ability to protect his key? Can you buy insurance against
this given Bob's reputation? Are the premiums worth the cost?

------
peterwwillis
It would be nice to have one website with a HOWTO for creating a business card
QR code with a vCard embedded with your public key in it, and instructions on
how to use it with every native e-mail client.

