Avoiding RIPA

Peter Fairbrother zenadsl6186 at zen.co.uk
Thu, 31 Oct 2002 21:26:53 +0000 

Brian Morrison wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On Wed, 30 Oct 2002 20:45:52 +0000
> Peter Fairbrother <zenadsl6186@zen.co.uk> wrote:
> 
>> What's really needed is a proper 'net broadcast technology, or an
>> 802.11 mesh might do it given a few years, so we can set up a "feed".
>> With OTP. Unbreakable anonymity, and unbreakable crypto, all in one...
>> :)
> 
> Would FreeNet be suitable for this Peter? It appears to offer an
> encrypted distributed data repository where it is not possible to know
> what is held where nor by whom it is accessed.
> 
> Doubtless now someone will shoot me down in flames.
 
Brian, 

A "feed" is a broadcast signal that anyone can contribute to. Everyone
listens all the time for "to" headers addressed to them, and stores and
decrypts the associated data. If the address headers and data are encrypted
using otp, then no-one can cryptographically break the anonymity or the
crypto. 

If people contribute at a fixed rate, whether or not they are sending a
signal, you can't even tell when a message is being sent, even if you have
access to his 'phone line or whatever. The only non-endpoint attack is DoS,
and even if you have complete control of the entire system you can't get any
information beyond the fact that someone is a subscriber!



I don't really know for sure about FreeNet, there is little useful info on
their website, and I haven't seen thier latest implementation, but I doubt
there is any reliable anonymity.

The papers it's based on are not thorough in all their claims (!), and just
plain wrong* sometimes, and I don't see how real anonymity is obtained. It's
more about data surviveability than anonymity afaict, but as seldom-accessed
data can get lost then it's not reliable there either.

I wouldn't trust the anonymity at all, it's similar to a mixmaster or
remailer system, with the added disadantage that "keys" (which are the names
of files, not cryptographic keys) must be published or distributed somehow,
and no method for doing this anonymously is specified. For messaging
prearranged keys could be used, but the system isn't really designed for
that.

I'm paranoid though, and it might be good enough, providing plausible
covertraffic, but I wouldn't use it for important things. If "they" have
control of a significant part of the network, you're screwed.

-- Peter Fairbrother

* If you're a FreeNet guy, drop me a line.