Re: [dev] [quark] patch

From: Robert Ransom <rransom.8774_AT_gmail.com>
Date: Fri, 4 Feb 2011 18:56:48 -0800

On Fri, 4 Feb 2011 17:36:55 +0100
Szabolcs Nagy <nsz_AT_port70.net> wrote:

> offtopic:
>
> the webserver i'm implementing is used to do secure messaging:
> it accepts PUT /key and GET /key requests which store and retrieve
> exactly 1K data (so it looks like a key-value store)
>
> (server does not remember the key only the hash of the key,
> if GET asks an invalid key then 1K random is generated and stored
> under the key)
>
> (the uploaded data is garbage collected: eg after 1 month it gets
> deleted from the store, so this is not yet another storage solution,
> it's for communication, there are no strong durability guarantees)
>
> the next step is to implement GET /key#hash requests:
> the server only answers if the (sha1) hash of the data is different
> than the provided one, this can be a communication channel:
>
> -> PUT /key HTTP/1.0\r\nContent-Length: 1024\r\n\r\ndata..
> <- HTTP/1.0 200 OK\r\nContent-Type: text/plain\r\n\r\n
> -> GET /key#hash-of-data HTTP/1.0\r\n\r\n
> <- [waiting..]

The server will never see the fragment identifier (the "#" and text
following it).

> at this point both client and server keeps the connection open
> until someone modifies the data under the given key, and then
> the GET request is answered with the new data
>
> <- HTTP/1.0 200 OK\r\nContent-Type: application/octet-stream..
>
> two client can communicate by sharing a key and updating
> the data under the key
> (actually many client can follow the communication and
> get notification by keeping a connection alive with the
> last seen hash, to solve other communication issues
> higher level layers can be used ie. data format with meta info)
>
> (security can be ensured by sending requests (keys) over a secure
> channel (tls) and sharing keys using eg diffie-hellman method
>
> actually one can encrypt the 1K data with x then use hash(x) as key
> so it is enough to share x between the communicating parties
> which the server does not even know, decrypting the 1K data is not
> possible by just using hash(x).. of course eve can overwrite the
> data using PUT /hash(x), but then alice and bob may get notified..
>
> well the design is not complete yet, but probably a secure distributed
> communication system can be built on top of this: unlike ip level
> communication here the communicated data does not know its destination)

But the server does.

If you want to avoid that, you can either have all clients connect to
the server using Tor (<https://www.torproject.org/>), or build a mix
net (see <http://freehaven.net/anonbib/#minion-design>,
<http://freehaven.net/anonbib/#DBLP:conf/sp/DanezisG09>, and
<http://freehaven.net/anonbib/#DiazThesis05> *at a minimum* before you
try this).

Robert Ransom

Received on Sat Feb 05 2011 - 03:56:48 CET

This archive was generated by hypermail 2.2.0 : Sat Feb 05 2011 - 04:00:05 CET