[cryptography] The next gen P2P secure email solution

tpb-crypto at laposte.net tpb-crypto at laposte.net
Fri May 16 06:01:26 EDT 2014



> Message du 16/05/14 02:26
> De : "grarpamp" 
> A : p2p-hackers at lists.zooko.com
> Copie à : cypherpunks at cpunks.org, cryptography at randombit.net
> Objet : Re: [cryptography] The next gen P2P secure email solution
>

> >> pesky to/from/subject/etc headers.
> >
> > Oh boy, here we go.
> > Those are hidden by use of TLS.
> 
> Have you not been following the weaknesses intrinsic
> to SMTP discussions?
> Yes, they are hidden in TLS transport on the wire.
> No, they are not hidden in core or on disk at
> the intermediate and final message transport
> nodes. That's bad.
> 

There is no way to hide metadata because you need a destination for your messages to arrive, you can't hide it even in Bitcoin, Tor or any other network which has to find its destinations to deliver its contents. The best you can do is cloak it, but like any cover there are means to uncover it.

> We want all human relevant plaintext content, such pesky
> headers included, to be hidden from observation by anyone
> other than us (at our origination or final receipt nodes).
> There is no oh boy in that sensible new design.
> 
> > Regarding government wanting your data in the clear by requesting it to the ISP you use, well switch your communications to another country, problem solved.
> 
> Have you ever heard of MLAT, extradition, interpol, public
> and private cooperation, dealings, and other such things? And
> maybe you simply do not trust any 'country' with carriage of your
> insistent plaintext. There is no such 'solved' with that.
> 

What is Iran? What is Cuba? What is China? What is Switzerland?

> >> - voluntary 'cooperation' to do the same.
> >> - capability for messaging over encrypted anonymous p2p overlay networks
> >> so that the only real place left to compel is the investigated user themselves
> >> (or millions of users if you want to fight up against free speech / privacy).
> >>
> >
> > p2p is no panacea, it doesn't scale
> 
> I believe it could. Even if requiring super aggregating
> nodes of some sort. Layers of service of the whole
> DHT space. More research is surely required.
> 

Here is your problem, you hold a belief, I hold knowledge. That's the little difference between us. It is not possible to have fast p2p unless:
- Cable networks collaborate by increasing bandwidth 7 to 8 times the current levels without increasing costs. That was done Brazil and South Korea which now have much better internet than the US. But the US still rule as the biggest market;
- People accept a more bumpy internet experience;

> > and it will never, ever be able to handle the latest netflixy app Joes are so much into.
> p2p is for techead kids like you, not for the masses.
> 
> We are talking messaging, not bulk data.
> However, once you have the nodes scalable to millions
> of communicators, there is probably no issue transporting
> bulk data among a select few along their path metrics.
> 

The first thing people complained about Tor was that they couldn't run bittorrents with it and they couldn't see youtube.

> Cathal brings up a great and tricky issue regarding
> choices to store-and-forward. S&F is quite more
> complex, but possibly more useful, than realtime.
> 
> > The masses do not understand it unless it brings spiderman, batman, faggotman hollywood garbage faster to their living rooms.
> 
> I agree such garbage is rather pointless life endeavour.
> I would be happy to message you via such a new
> messaging system though :)

I would it too, of course. But in order to make it work we have to dial back the complexity of our pages and our want for high definition videos.

It is not interesting to merely have an e-mail substitute, because instead of e-mail metadata spies will request our google search and navigation history. You will certainly send links and those tell a lot about what we are talking about.


More information about the cryptography mailing list