IETF Logo Mail Archive

Re: [dispatch] [Secdispatch] A protocol for anonymity

Eric Burger <eburger@standardstrack.com> Tue, 12 March 2019 07:22 UTC

Return-Path: <eburger@standardstrack.com>
X-Original-To: dispatch@ietfa.amsl.com
Delivered-To: dispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 57062130EE7 for <dispatch@ietfa.amsl.com>; Tue, 12 Mar 2019 00:22:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.689
X-Spam-Level:
X-Spam-Status: No, score=-1.689 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_INVALID=0.1, DKIM_SIGNED=0.1, T_SPF_PERMERROR=0.01, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=neutral reason="invalid (public key: not available)" header.d=standardstrack.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a2_TYa-nyewx for <dispatch@ietfa.amsl.com>; Tue, 12 Mar 2019 00:22:29 -0700 (PDT)
Received: from biz221.inmotionhosting.com (biz221.inmotionhosting.com [198.46.93.79]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A2B84130E64 for <dispatch@ietf.org>; Tue, 12 Mar 2019 00:22:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=standardstrack.com; s=default; h=References:To:Cc:In-Reply-To:Date:Subject: Mime-Version:Content-Type:Message-Id:From:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=BwDEBbftYs6pQ5rkIZqLuSb7pcH0UHkkE4mZik5h0xA=; b=Ohy5rsgHuew0SyHdnmG0jfemo 2noYwf8bvfBYEubLVLcnVGT4zysl+rAdWUDqH17BfydGGcFUN2DzIcqacge9gBSx2v+q1KiazLSmz b2YAPL5elYVnYDKs7DNBBwp4n0Trtk47XyUKR3hZUrcxfn3Weyqc1D4YpeAtK8GHocmHs=;
Received: from [68.100.196.217] (port=63396 helo=[192.168.10.26]) by biz221.inmotionhosting.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.91) (envelope-from <eburger@standardstrack.com>) id 1h3bjq-00CEvJ-MK; Tue, 12 Mar 2019 00:22:28 -0700
From: Eric Burger <eburger@standardstrack.com>
Message-Id: <5DC4D2CC-E344-4640-B797-9B51A21198F3@standardstrack.com>
Content-Type: multipart/signed; boundary="Apple-Mail=_01DCB60D-616D-4585-9FCB-94EF42856E68"; protocol="application/pgp-signature"; micalg="pgp-sha256"
Mime-Version: 1.0 (Mac OS X Mail 12.2 \(3445.102.3\))
Date: Tue, 12 Mar 2019 03:22:12 -0400
In-Reply-To: <336679b2-abd1-6372-050e-974530088821@gwerder.net>
Cc: "dispatch@ietf.org" <dispatch@ietf.org>
To: Martin <martin@gwerder.net>
References: <1d369e948382f1431f6e67abce4ca0c8.squirrel@www.amsl.com> <F7BDADFC-FBEF-4049-945B-BD865AB58229@akamai.com> <336679b2-abd1-6372-050e-974530088821@gwerder.net>
X-Mailer: Apple Mail (2.3445.102.3)
X-OutGoing-Spam-Status: No, score=-1.0
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - biz221.inmotionhosting.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - standardstrack.com
X-Get-Message-Sender-Via: biz221.inmotionhosting.com: authenticated_id: eburger+standardstrack.com/only user confirmed/virtual account not confirmed
X-Authenticated-Sender: biz221.inmotionhosting.com: eburger@standardstrack.com
X-Source:
X-Source-Args:
X-Source-Dir:
Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/czqAgnwninXlCNgcOOynm9nZ4LQ>
Subject: Re: [dispatch] [Secdispatch] A protocol for anonymity
X-BeenThere: dispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: DISPATCH Working Group Mail List <dispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dispatch>, <mailto:dispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dispatch/>
List-Post: <mailto:dispatch@ietf.org>
List-Help: <mailto:dispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dispatch>, <mailto:dispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Mar 2019 07:22:31 -0000

I’m curious about the ‘main’ document. Is the document you mention below supposed to be at
https://messagevortex.net/devel/messageVortex.pdf?
If so, the document is broken. As in unretrievable, not a value judgement of the technical content. It may be that, too, but I’ll reserve judgement.

IMHO the world of anonymous communication is full of ToR knockoffs and protocol steganographies. I would be curious to learn how Message Vortex is different and advances the state of the art. See, for example:
https://www.darpa.mil/program/resilient-anonymous-communication-for-everyone

A *very* quick read of the I-D indicates there is a lot left unspecified. For example:
- key distribution is done by magic
- accounting is disturbing: that implies nodes have a *lot* of tracking capability
- I’m not sure blending will work, but that will require a bit more reading on my part (anyone else want to chime in)?
- the hand wave of Dead Parrot is fatal: one can tell these are Message Vortex messages by simple inspection. That defeats the purpose, no?

Finally, ASN.1? Really? I suppose we could use X.500 for message transport :-)


> On Mar 11, 2019, at 1:31 AM, Martin <martin@gwerder.net> wrote:
> 
> Hi Rich
> 
> Thanks for your concern. I understand where it is coming from. The
> reason why Security Considerations are so small is that there is another
> (academia) document dealing mainly with the security of the protocol.
> Although the thesis has not been published (still needs lecturing, a
> couple of attentive eyes questioning everything, and extension of some
> sections), it is linked in the document, and you may read it. I felt
> that including this into the RFC is too much by far. I, therefore,
> referenced it in the first paragraph. Do you think that this was the
> wrong decision?
> 
> You made definitely a valid point: Why believe a single person (in terms
> of an administrator of a system or writer of a paper)? My reply is: You
> should not. Read it and build your own opinion. There are a lot of minor
> flaws in the protocol depending on how your adversary looks like. A lot
> of "do's" and "donts's." If you are looking for the "why's" then reading
> [MVAnalysis] is mandatory.
> 
> Another main problem is censorship resistance. The more you regulate the
> behavior of the node, the easier it is to identify nodes (at least in
> some points). I, therefore, tried to integrate all absolute mandatory
> rules and to leave freedom to all other rules. I am sure willing to
> change that decision if you think it should be entirely included in the
> document instead of linking, but the document is already far from being
> lightweight.
> 
> Regards
> Martin
> 
> 
> Am 11.03.2019 um 03:20 schrieb Salz, Rich:
>>>   https://datatracker.ietf.org/doc/draft-gwerder-messagevortexmain/
>> 
>> I am VERY concerned about publishing something that claims to be a protocol for anonymity that has no security analysis and seems to be the work of one person.
>> 
> 
> _______________________________________________
> dispatch mailing list
> dispatch@ietf.org
> https://www.ietf.org/mailman/listinfo/dispatch

v2.23.0 | Report a Bug | By Email