Artifact d8bcf6f96da664616029ff6d490a221c155974cf:

Wiki page [Experiment: mmmv_symsig_t1] by martin_vahi on 2017-10-10 15:17:40.
<p><font color="#ff0000">Currently the mmmv_symsig_t1 lacks any code.</font></p>

<p>The mmmv_symsig_t1 <b>wraps symmetric key encryption command line tools</b>
and <b>implements a signing system</b>, where parties who have never met
directly for a key exchange can <b>probabilistically authenticate</b> each
other. Unlike the many public key encryption systems, the mmmv_symsig_t1 can be
used with only symmetric key encryption algorithms, which avoids the
<a href="https://bitrary.softf1.com/index.php?title=Software_Development_:_Security_:_Cryptography#Why_Public_key_Cryptography_is_Fundamentally_Flawed">fundamental
flaw</a> that all public key encryption systems have. The feasibility of using
<a href="https://bitrary.softf1.com/index.php?title=Software_Development_:_Security_:_Cryptography_:_Onetime_pad">one-time-pads</a>
or
<a href="https://github.com/martinvahi/mmmv_devel_tools/tree/master/src/mmmv_devel_tools/mmmv_crypt_t1">one-time-pad
like</a> ciphers is based on the fact that in the year 2017 1GiB of
USB-stick based flash memory costs about 1€. With the exception of <b>metadata
related security issues</b>, one-time-pad like ciphers tend to eliminate
security flaws at the encryption algorithm side. In addition to the signing
system, the <b>mmmv_symsig_t1 allows swarms of billions of robots
to establish probabilistically secure channels without the need to upgrade the
set of keys of older robots every time a new batch of robots joins the
swarm.</b><br>
</p>

<p><i>It's worth noting that if both keys of a public key encryption algorithm are
bundled together and the whole pair is kept secret the way symmetric keys
are kept secret, then public key encryption algorithms can be used as symmetric
key encryption algorithms. That allows "standard" tools like the
<a href="https://gnupg.org/">GNU Privacy Guard</a> to be used in the role of
the symmetric key encryption algorithm implementation.</i></p>


<h1>Definition of some Terms</h1>

<div>In the context of the current document <b>onionencryption</b> stands
for an encryption activity, where</div>

<pre>
//----------------------------------------------------
    ciphertext = encrypt_with_key_N(
                     encrypt_with_key_&lt;N-1&gt;(
                         encrypt_with_key_&lt;N-2&gt;(
                             ...
                                 encrypt_with_key_2(
                                     encrypt_with_key_1(
                                         &lt;cleartext&gt;
                                     )
                                 )
                             ...
                         ) // N-2
                     )     // N-1
                 )         // N
//----------------------------------------------------
</pre>

<p>The main thing to note about the onionencryption is that all of the keys,
1..N, are needed for decrypting the ciphertext.</p>


<h1>The Scheme</h1>


<div>End users (hereafter: <b>EnU</b>), including
<a href="https://en.wikipedia.org/wiki/Alice_and_Bob">Bob and Alice</a>,
individually meet with a key exchange service provider (hereafter: <b>KXS</b>).
The KXS gives each EnU multiple GiB worth of symmetric keys that are shared
only between the KXS and the EnU. If the EnUs have not met with each other for
a key exchange, then the
<a href="./raw/2c33dc040db045bc915cc169f7526d4619e6d96e?m=image/png">KXS forms
a central hub</a> that decrypts the ciphertext of one EnU and encrypts the
cleartext for the other EnU. That is to say, if Bob and Alice use only a
single KXS, then the KXS is in the same position as Eve conducting a
<a href="https://www.owasp.org/index.php/Man-in-the-middle_attack">man-in-the-middle
attack</a>. To <b>probabilistically counter</b> the man-in-the-middle attack,
Bob and Alice use the
<a href="./raw/ea832e5552b989ccccd69c113ac6c22ed64f057e?m=image/png">services
of multiple KXSs</a> to agree on a set of temporary encryption keys, one
temporary key per KXS. Bob and Alice use the set of temporary keys
for onionencryption of their actual data exchange. <b>If at least 2 KXSs
manage to keep the keys that they use for communicating with Alice and with
Bob secret, and those same 2 KXSs choose to keep the overheard temporary
keys secret, then no KXS at all is able to decrypt Bob's and
Alice's onionencrypted session.</b></div>


<h1>Optional Improvement Opportunities</h1>

<div>In addition to the temporary keys that were overheard by the KXSs, Bob
and Alice may use additional temporary keys that they negotiated during
previous sessions. During the session that is held through the eavesdropping
KXS, Alice should generate one half of each temporary key and Bob
should generate the other half of each temporary key.</div>
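<div>As an added illustration, not part of the original page or of the mmmv_symsig_t1 project (which has no code yet), the following Python simulates the scheme described above together with the half-and-half temporary key generation: a relaying KXS sees the key halves in the clear, the session is onionencrypted with one temporary key per KXS, and a coalition of KXSs that lacks even one temporary key cannot recover the session. The BLAKE2b-based stream cipher stands in for the wrapped command line tool and is an assumption of the example, as are all key sizes and the sample message.</div>

```python
import hashlib
import os

def keystream_xor(key: bytes, data: bytes) -> bytes:
    """One-time-pad-like stream cipher: XOR data with a BLAKE2b keystream
    derived from key. Stand-in for a wrapped command line tool (demo only;
    it adds no authentication, which a real deployment would also need)."""
    stream = bytearray()
    counter = 0
    while len(stream) < len(data):
        stream += hashlib.blake2b(counter.to_bytes(8, "big"), key=key).digest()
        counter += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def onion_encrypt(keys, cleartext):
    # encrypt_with_key_N(... encrypt_with_key_2(encrypt_with_key_1(cleartext)) ...)
    for key in keys:
        cleartext = keystream_xor(key, cleartext)
    return cleartext

def onion_decrypt(keys, ciphertext):
    # peel the layers in reverse order; every key 1..N is needed
    for key in reversed(keys):
        ciphertext = keystream_xor(key, ciphertext)
    return ciphertext

def kxs_relay(ct_from_alice, key_alice_kxs, key_kxs_bob):
    # The KXS hub decrypts with Alice's key and re-encrypts with Bob's key,
    # so it sees the relayed data in the clear (the man-in-the-middle position).
    seen = keystream_xor(key_alice_kxs, ct_from_alice)
    return keystream_xor(key_kxs_bob, seen), seen

def run_session(num_kxs, message):
    """Alice and Bob agree one temporary key per KXS (each side generates one
    half, relayed through that KXS), then onionencrypt message with all of
    them. Returns (what Bob recovers, ciphertext, temporary keys)."""
    temp_keys = []
    for _ in range(num_kxs):
        k_alice, k_bob = os.urandom(32), os.urandom(32)  # keys shared with this KXS
        half_alice, half_bob = os.urandom(16), os.urandom(16)
        for_bob, overheard = kxs_relay(keystream_xor(k_alice, half_alice), k_alice, k_bob)
        assert keystream_xor(k_bob, for_bob) == overheard == half_alice
        temp_keys.append(half_alice + half_bob)  # Bob's half travels the same way back
    ciphertext = onion_encrypt(temp_keys, message)
    return onion_decrypt(temp_keys, ciphertext), ciphertext, temp_keys

def coalition_decrypts(temp_keys, leaked_indices, ciphertext):
    # What KXSs that leaked the listed temporary keys recover: only their layers peel.
    known = [k for i, k in enumerate(temp_keys) if i in leaked_indices]
    return onion_decrypt(known, ciphertext)
```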


<h1>Worldwide Scaling</h1>

<div>If the KXSs of one town, for example Tallinn, register themselves as users at
the KXSs of another town, for example Berlin, by directly exchanging keys with the
other town's KXSs, then the users of the Tallinn KXSs can have a probabilistically
secure onionencrypted session with the Berlin KXSs, and the users of the Tallinn
KXSs can register themselves as "<b>2. class users</b>" of the Berlin KXSs. "<b>1.
class users</b>" of a KXS are only those users who exchange keys with that
KXS directly, without going through any other onionencrypted session. If the New
York KXSs have been registered as 1. class users at the Berlin KXSs, then the
1. class users of the Tallinn KXSs can register themselves as 2.+1.=3. class users
of the New York KXSs. If 7. class users of the Tallinn KXSs were using the Berlin route
for registering themselves at the New York KXSs, then they would become
7.+1.=8. class users of the Berlin KXSs and 8.+1.=9. class users of the New
York KXSs. If the London KXSs are 4. class users at the Berlin KXSs, then 3. class
users of the Tallinn KXSs can register themselves as 3.+1.=4. class users at the
Berlin KXSs and 4.+3.=7. class users of the London KXSs.<br>
</div>

<div><br>
</div>

<div>The <b>class of a single key</b> that is used for a session between a KXS
and one of its users, an EnU, equals the class of that EnU at that KXS. The <b>class
of a user that uses an onionencrypted session</b> for communicating with the
KXS equals the highest class of any single key that is part of the set
of keys used for onionencrypting the session between the EnU and the
KXS.</div>

<div><i><br>
</i></div>

<div><i>(Only 1. class EnUs don't use onionencryption for communicating with
the KXS where they are registered as a 1. class EnU. The same EnU can have
different classes at different KXSs. One way to memorize the meaning of the
class of a user at a given KXS is that the <b>class of the user at the given
KXS can be seen as the "cost" of reaching that KXS</b>. The smaller the
privacy, the higher the cost, especially if the EnU gets caught by "1984
authorities".)</i></div>


<h1>Beneficial Side Effects</h1>

<div>The more KXSs there are, the more break-ins have to be conducted to get
all the keys that Alice and Bob use for communicating with the KXSs. If
all of the sessions between the KXSs and their users are decrypted by
eavesdroppers other than the KXSs themselves, then an increase in the number of
KXSs increases the number of sessions that the non-KXS eavesdroppers have to
listen in on, which in turn increases the number of different geographical
locations where the non-KXS eavesdroppers need to place their probes. If
the KXSs reside in different "jurisdictions" that happen to be enemies, for
example China, Russia, the EU, the United States, Latin American regions, Arabic
dictatorships, etc., then the lack of intelligence sharing between those
"jurisdictions" partly protects the Alice-Bob onionencrypted session from
absolutely everybody, except for the session related metadata; but the metadata can
be "salted" by using temporary keys from previous onionencrypted sessions and
by choosing the KXSs randomly for every onionencrypted session. The more
KXSs there are, the greater the number of different operating systems and
hardware platforms the set of KXSs uses. The greater the variety of operating systems and
hardware that the KXSs use, the more elaborate the software needed
for breaking into KXS systems must be. Some extra variety within the KXSs can
be introduced relatively cheaply by using <a href="https://archive.li/vQLZk">FPGA
based embedded boards</a>.</div>

<div><br>
</div>

<div><b>For high security setups the KXS core functionality might be
implemented as a microcontroller board</b> that does all the encryption and
decryption and stores all of the keys on a USB flash drive that is directly
connected to the microcontroller board. The microcontroller board can be
connected to the internet through the GPIO of some Raspberry Pi like computer,
which acts as a "network card with all internet communication related software
included". Since the microcontroller software is remarkably primitive,
there's practically no attack surface there, and the best that any remote
adversary can do is to break into the Raspberry Pi, but the Raspberry Pi acts
only as a fancy network card and resides outside of the secure zone. Different
KXSs can use different encryption algorithms for communicating with Alice
and Bob. That allows the use of encryption algorithms that are usable on
the microcontroller board. <b>The microcontroller software is probably small
enough to allow it to be fully formally verified.</b> As specifications
and real hardware can differ, testing is relevant even after formal
verification. To reduce the number of untested states, the <b>microcontroller
board can have a dedicated microcontroller for enforcing power resets</b> that
happen not less than X times per 10 minutes, preferably at the end of each KXS
session.</div>


<h1>Who Might want to use such a System</h1>

<div>

<div><b>Probably only freelancers and privacy advocates that have the monetary
means to physically meet with the KXSs will use the system.</b> The need to
physically meet with the KXSs to get class 1 user accounts prevents worldwide
adoption by free software developers due to travelling costs. Not everybody is
able to travel everywhere, even when money is not an issue <i>(read: the Edward
Snowden case, visas, etc.)</i>. <b>Probably the first adopters of this system
are robot swarm developers</b>,
<a href="https://www.youtube.com/watch?v=UPpFoeDT10o">Skynet</a> developers,
because the number of edges of a
<a href="http://mathworld.wolfram.com/CompleteGraph.html">complete graph</a>
that has n vertices is</div>

<div><br>
</div>

<div><font face="Courier New">&nbsp; &nbsp;n*(n-1)/2 = (n^2-n)/2</font></div>

<div><br>
</div>

<div>and the <b>mmmv_symsig_t1 allows billions of robots to establish
probabilistically secure channels without the need to upgrade the set of keys
of existing robots whenever a batch of new robots is added to the swarm.</b></div></div>

<div><b><br>
</b></div>

<div>Megacorporations want to spy on their salary slaves, generally known
as "employees", and the mmmv_symsig_t1, if properly implemented and used, makes
spying more difficult. Banks that use checks instead of PIN calculators in
2017 certainly could not care less about securing their IT-systems and business
processes. Medical institutions resort to comfort, because according to them
"public key cryptography works just fine", and many hospitals and private
practices have pretty crappy IT-support to start with, not to mention that
doctors and nurses would rather do their actual work, wearing bloody gloves, than
do computerized "paperwork". Supermafiosi, "states", including the Estonian
supermafia, won't use the mmmv_symsig_t1 either, because they are satisfied
with the public key cryptography based legacy mess that they adopted
before the specification of the mmmv_symsig_t1 was even created. Small
businesses that are geographically relatively close can exchange keys directly
with each other, and geographically distant small businesses don't have the
monetary means to meet with the KXSs that are out of their town, which limits
them to higher EnU classes.</div>

