Ask HN: is there such a thing as a public stream of encrypted messages?
11 points by anigbrowl on Jan 3, 2011 | 9 comments
I feel like I should know about this and could probably find out with a little research, but thought I'd ask today seeing as there are so many crypto experts on HN.

If two people are exchanging encrypted email, a third party could still observe the fact that communication was taking place even if the content itself were obscured. But what if a large number of people were posting encrypted data to a public message board? Only the recipients would know which messages were intended for them. Of course, this would mean attempting to decrypt every new message using one's private key, and getting nothing useful in the majority of cases - very inefficient, but also secure. For example:

  pg:       slkdjfbiofdnbdoibjowerni
  swombat:  poripmkbdoijdpohkdpjthkj
  tptacek:  sdflkjsdffnhhxgfjhlfkgjh
  ....etc.
I try decrypting every one of these 'messages' (all of which would be much longer in reality) with my private key, but only swombat's resolves to plain text. Now I know his message was intended for me, but onlookers do not.

Obviously, there is nothing especially clever about this - it's just the old espionage technique of public signalling (through a classified advertisement or visual display) combined with a dead drop. Some Twitter clients allow for the broadcast of encrypted tweets, for example. But I was unable to think of any obvious streams of encrypted material like this. Do such things exist, or are most people too paranoid to use them? I have no practical purpose in mind; it just came up as a hypothetical in a discussion, for which I was unable to think of a real-world example.




You can do it a bit easier without needing to have a large central message repository. Start with a secure distributed write-only database (imagine something like a big collection of random people running a variant of CouchDB that included some crypto primitives) and then mix in a bit of private information retrieval[ * ] and you are most of the way there. There are some tricky bits to this general idea, like notifications and indexing the mailboxes, but the principle is fairly sound. The problem with these sorts of ideas is that if you try to implement them in the real world you soon discover that your addressable userbase is really, really small, most of them are people you probably don't want to help out very much, and the resource provider/parasite ratio is hard to keep sustainable.

[ * ] PIR in a nutshell: Servers A & B contain messages 1, 2, 3, 4 & 5. You ask server A to XOR messages 1 & 4 together and send it to you and you ask server B to XOR messages 1, 2 & 4 together and send them to you. You XOR the two streams and get message 2, but neither A nor B know what you asked them for. Obviously there are additional steps that make the system more secure, but that is the basic gist of how it works.
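The two-server XOR scheme sketched in the footnote, as an added example (not code from the comment's author). It reproduces the concrete instance (A XORs messages 1 & 4, B XORs 1, 2 & 4, yielding message 2) and then generalizes it to the usual form: one server receives a uniformly random selector vector, the other receives the same vector with the target bit flipped, so each server on its own sees only random bits. Assumptions: both servers hold identical copies of the messages, do not collude, and all messages are padded to the same length; the message contents are constructed sample data.

```python
import secrets


def xor_bytes(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


class Server:
    """One of two non-colluding servers holding identical copies of the messages."""

    def __init__(self, messages):
        self.messages = list(messages)

    def answer(self, selector):
        # XOR together every message whose selector bit is 1. The server only
        # ever sees a random-looking bit vector, never the index being fetched.
        acc = bytes(len(self.messages[0]))
        for bit, msg in zip(selector, self.messages):
            if bit:
                acc = xor_bytes(acc, msg)
        return acc


def make_queries(n, target):
    # Query for A: uniformly random bits. Query for B: the same bits with the
    # target position flipped. Each query alone is uniformly random, so neither
    # server learns `target`; only their XOR reveals it.
    q_a = [secrets.randbelow(2) for _ in range(n)]
    q_b = list(q_a)
    q_b[target] ^= 1
    return q_a, q_b


def retrieve(server_a, server_b, n, target):
    q_a, q_b = make_queries(n, target)
    # Every message selected by both queries cancels; only `target` survives.
    return xor_bytes(server_a.answer(q_a), server_b.answer(q_b))


# Constructed sample database: five equal-length messages (padding is required).
MESSAGES = [f"msg{i:02d}".encode().ljust(8, b"\0") for i in range(1, 6)]


def comment_instance():
    # The footnote's concrete instance, 1-based: A gets {1, 4}, B gets {1, 2, 4}.
    a, b = Server(MESSAGES), Server(MESSAGES)
    return xor_bytes(a.answer([1, 0, 0, 1, 0]), b.answer([1, 1, 0, 1, 0]))


def demo(target=1):  # index 1 is "message 2" in the footnote's numbering
    a, b = Server(MESSAGES), Server(MESSAGES)
    return retrieve(a, b, len(MESSAGES), target)
```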


The newsgroup alt.anonymous.messages is made exactly for this purpose.

http://groups.google.com/group/alt.anonymous.messages/topics


Aha - this is exactly the sort of thing I had in mind. Thanks!


If you'll excuse my naïveté, what's the purpose?


Transmitting messages such that the intended recipient is impossible to know for any third-party observer. If you're sufficiently and justifiably paranoid, you'll want to obscure both the content of your messages and who you're talking with.

I can think of some uses for this, mostly related to spying and espionage. On the other hand, if you're really paranoid you don't want anyone to know that you're transmitting messages - because that can lead to danger, if they choose to take the lead pipe approach to finding out what you want to keep secret.


Perhaps Twitter has the better solution? Why not direct messages to a single user, or hash tag, etc? It's basically a way of sending messages to only a set of recipients that wants to receive it. In your case though, there'd also be a level of encryption involved. I guess what I'm saying is, perhaps a real-world example could be close to Twitter?


Well, the idea here is to prevent third parties from knowing which senders are communicating with which recipients. If only 2 people are using such a system then obviously that's pointless, but as n increases then there are n(n-1)/2 possible conversations in progress, obscuring the pattern as well as the content of communication.


I think onion routing, like the Tor project, satisfies the criteria of obscuring sender and recipient.


wifi routers?



