IETF Logo Mail Archive

Re: [Secdispatch] The Mathematical Mesh

Richard Barnes <rlb@ipv.sx> Mon, 22 April 2019 17:34 UTC

Return-Path: <rlb@ipv.sx>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3FE87120044 for <secdispatch@ietfa.amsl.com>; Mon, 22 Apr 2019 10:34:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=ipv-sx.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LYmQZcH3QOaD for <secdispatch@ietfa.amsl.com>; Mon, 22 Apr 2019 10:34:28 -0700 (PDT)
Received: from mail-oi1-x22d.google.com (mail-oi1-x22d.google.com [IPv6:2607:f8b0:4864:20::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F3D6D1200DF for <secdispatch@ietf.org>; Mon, 22 Apr 2019 10:34:27 -0700 (PDT)
Received: by mail-oi1-x22d.google.com with SMTP id i21so9036551oib.11 for <secdispatch@ietf.org>; Mon, 22 Apr 2019 10:34:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ipv-sx.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=saXjQWBHFGZpWyT6o8DxU6FtSo4gVf1HfChXtt8kFso=; b=U1arV25jaYod9kYEXSplA78hY0meV/akF5wY5Ar1fYCcurBzdqoqgUb5dJ7EmkSQQ3 t4ddMKys8KePWiyA2xOE1Lpkb6fwz5dsrQa/M8cM2vW2l03nrbiKT29KOjB3ZiquYIjm K3KecIp0IQpsC8XZw9R4bm98dIrtyYpop1Z2iwwvAMZASECIZMAZy9LpfGF3KTIcLHWM cY03ai0vo0CgsCagZ6O0I2CVSygcubqxoL+rzbUrP/lQ6elMOYRYR5rq2LPN+v/d6Hsm tW2WVq9e2SKPZi0Ll1hwKvcuXYk+xXzZ15WZM6ySxS55oFg+lFKbxuair7qgneTAzMuR gDCA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=saXjQWBHFGZpWyT6o8DxU6FtSo4gVf1HfChXtt8kFso=; b=iDOVN1BDQrxD6GormHx1HLb/qqOzaHnpDU23DwZ09Q7KhHpB25/CEePBYNJHsi0FVC B20WvzssPuXH2q8Kuy121bD/Bwrm8vEpgFFJw1wlXbaaDcKs3kKo0wDcJq0cedOjbEz5 H8/d2mqxi+EUbnV73c1bj8/huL3PaYBzOecnMtcpsTazO9/CLIGlvukJnl6I4GuZy6Yt Gi6dWKhyjG78P+WGOsAc/PiiJ+6depilnXlSkslD6Dp+0dP9m3OOizbx14XBIGPeNonu HL+nw2gT0EkILtu0T92YTVTdy7ZtCAFR+tReNnZjSfdY6RA/s+DiN9fyPumqOKt19qF+ kRxQ==
X-Gm-Message-State: APjAAAVpGoYdSxiqnjuI8BF2wpkicn3wo9b/+18eoxG83ObHh3HCie/N fCNU7vSsGAXmr7D2pgq77eUr3SqL+N6sLXh7ySyTUw==
X-Google-Smtp-Source: APXvYqwRSyH6CosoZ7P9o3/1GVzxOSF3jUSPg3GhcNgI8Bt8ODl8P7qSnm0+FDK76aze2ePrKKf0Iv2L3tSkPawdgUI=
X-Received: by 2002:aca:544b:: with SMTP id i72mr10114079oib.51.1555954466947; Mon, 22 Apr 2019 10:34:26 -0700 (PDT)
MIME-Version: 1.0
References: <CAMm+LwiF3iGiRO5reW4KCgf8vp=Kv=+4pD+_rGOcxEsD1Hxk4g@mail.gmail.com>
In-Reply-To: <CAMm+LwiF3iGiRO5reW4KCgf8vp=Kv=+4pD+_rGOcxEsD1Hxk4g@mail.gmail.com>
From: Richard Barnes <rlb@ipv.sx>
Date: Mon, 22 Apr 2019 13:34:06 -0400
Message-ID: <CAL02cgRoX6-YY3JZUSZeQVqEkU__o1_1+BzYz5tHmnZGgAaYZg@mail.gmail.com>
To: Phillip Hallam-Baker <phill@hallambaker.com>
Cc: secdispatch@ietf.org, IETF SAAG <saag@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000004a1e74058721e19e"
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/P4u0tCfgk7oEJ6f2IiW5qlGZtaY>
Subject: Re: [Secdispatch] The Mathematical Mesh
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Apr 2019 17:34:32 -0000

Hi Phil,

Thanks for the note.  The IETF typically works on specifications for
interoperability between multiple implementations.  Is there more than one
party involved / interested in implementing?

--Richard

On Mon, Apr 22, 2019 at 12:58 PM Phillip Hallam-Baker <phill@hallambaker.com>
wrote:

> Five years ago I started to look at the reasons that Internet users do not
> use end-to-end secure mail despite the fact that almost every email client
> in use supported S/MIME and OpenPGP had been available for decades.
>
> In answering that question, I quickly realized that we were trying to
> solve the problems we were interested in rather than the ones that the user
> actually cared about. And yes, users do really care about security but
> their security concerns are much broader than the ones raised on the
> cypherpunks mailing lists. They are concerned about the control that
> corporations might have over them much more than governments. They are
> concerned with the risk of losing the pictures of their kids at 5 years old
> to ransomware.
>
> Carl Ellison says that the user base of any security protocol halves for
> each click required to use it. This led me to ask, 'how can we reduce total
> user effort' and not just effort required for security. Today we ask the
> user to configure their email client twice, first to make use of email and
> again to make email secure (and then we require them to redo the second
> annually for S/MIME).
>
> The result of this approach is an infrastructure I call the Mathematical
> Mesh which I would like IETF participants to consider as a standards track
> effort, either in part or in whole.
>
> The goal of the Mesh is to make computers easier to use by making them
> more secure. This is easier than people might imagine. The key here is that
> every set of instructions that you write down and give to a human can be
> written as code and given to a suitably authorized computer system.
>
> The phrase suitably authorized is key here, often the reason manual
> intervention is required to configure systems requires is that certain
> system privileges are needed.
>
> Like BitCoin, the Mesh extends the traditional cryptographic repertoire.
> While all of the cryptographic techniques used in the Mesh are well
> established in the academic field, this is the first time anyone has (to my
> knowledge) proposed making use of them in an open standard.
>
> The Mesh is designed to make full use of the capabilities of modern
> computer systems: It is assumed that every user has access to a machine
> with at least the capability of a Raspberry Pi Zero for purposes of
> configuring an managing devices. Connection and use of constrained devices
> of Arduino Mega class and above is also supported by offloading certain
> security functions to a trusted gateway.
>
> I am posting this here to solicit opinions as to whether I should bring
> some or all of this work to the IETF or if I should take it to other forums.
>
> The drafts are available in plaintext or HTML format. Since some of the
> drafts make extensive use of mathematical notations, I recommend reading
> them in the HTML format.
>
> HTML:
> http://mathmesh.com/Documents/draft-hallambaker-mesh-architecture..html
> <http://mathmesh.com/Documents/draft-hallambaker-mesh-architecture.html>
> http://mathmesh.com/Documents/draft-hallambaker-mesh-udf.html
> http://mathmesh.com/Documents/draft-hallambaker-mesh-dare.html
> http://mathmesh.com/Documents/draft-hallambaker-mesh-schema.html
> http://mathmesh.com/Documents/draft-hallambaker-mesh-protocol.html
> http://mathmesh.com/Documents/draft-hallambaker-mesh-trust.html
> <http://mathmesh..com/Documents/draft-hallambaker-mesh-trust.html>
> http://mathmesh.com/Documents/draft-hallambaker-mesh-cryptography.html
>
> Plaintext:
> https://datatracker.ietf.org/doc/draft-hallambaker-mesh-architecture/
> https://datatracker.ietf.org/doc/draft-hallambaker-mesh-udf/
> https://datatracker.ietf.org/doc/draft-hallambaker-mesh-dare/
> https://datatracker.ietf.org/doc/draft-hallambaker-mesh-schema/
> https://datatracker.ietf.org/doc/draft-hallambaker-mesh-protocol/
> https://datatracker.ietf.org/doc/draft-hallambaker-mesh-trust/
> https://datatracker.ietf.org/doc/draft-hallambaker-mesh-cryptography/
>
> These drafts are not yet complete as the example material and schema
> documentation is still being revised. This will be addressed as the
> reference code passes the remaining unit tests for each functional unit.
> The principle adopted being that it is better to have no examples than
> incorrect ones.
>
> The following drafts are planned but not yet written:
>
> https://datatracker.ietf.org/doc/draft-hallambaker-mesh-constrained/
> https://datatracker.ietf.org/doc/draft-hallambaker-mesh-quantum/
>
> The reference code is open source and runs in C# under .net Core. It is
> currently tested only on the Windows platform but previous versions have
> run on OSX and Linux.
>
> https://github.com/hallambaker/Mathematical-Mesh
>
> The code system is also open source. These tools allowed me to design,
> implement and document a code base that is capable of performing
> significant portions of the functions of PKIX, S/MIME, Blockchain, SMTP,
> IMAP and TLS on my own in a little less than three years.
>
> https://github.com/hallambaker/PHB-Build-Tools
> _______________________________________________
> Secdispatch mailing list
> Secdispatch@ietf.org
> https://www.ietf.org/mailman/listinfo/secdispatch
>

v2.23.0 | Report a Bug | By Email