Chaum Fathers Bastard Child To RubberHose ... PrivaTegrity cMix

On Wed, Jan 06, 2016 at 11:51:29PM -0500, grarpamp wrote:
> Nine server council... a hoseability focus point similar to Tor dirauths.
> In any case... interesting.

The privaTegrity (PT) backdoor is significantly more malignant than the Tor dirauth issue.

If you pwn the Tor dirauths, you can sign and publish a false "consensus" to clients that will cause them to use only your relays for new connections, thus breaking anonymity for new connections. Doing so leaves a trail of bits showing that this was done (mostly just on the target system). Tor is actively seeking solutions to make their system more privacy-preserving and if a better option shows up in research, they will likely adopt it.

If you pwn the PT overlords, you can retrospectively deanonymize connections that you recorded in the past. If PT were deployed at scale with a, say, 12-month deanonymization window [1] then every connection during that interval would be silently deanonymized by APT0 who has stealthily exfiltrated the overlord private material.

[1] the whole point of the PT backdoor and its claim to "break the crypto war stalemate" is that a lawful investigation could go back and ask "who sent this bomb threat".

If PT were deployed at scale and a vulnerability were found that used the backdoor, the developers are left with an uncomfortable choice -- fix the vuln and thereby break the backdoor, or leave users vulnerable and preserve the so-called "lawful" access? This is not a conflict that I want my privacy technologists to have to navigate.

Now, cMix seems like an interesting technology (much like the tech bits of eCash were interesting back in the 90s, a previous #chaumism[3]). I chatted with one of the coauthors yesterday and there's clearly an interesting performance improvement to existing mix networks; read the paper[2] for more details. But the PT system built on it is predicated on an unrealistic model of datacenter security, international geopolitics, network economics, cyberwar, and network reliability.

[2] https://eprint.iacr.org/2016/008.pdf
[3] https://twitter.com/hashtag/chaumisms

-andy