Hello,

I've been thinking about how a mostly decentralized web application (such as Facebook) would work.

Assumptions so far:

1. You have your own computer, which has your private key
2. You and your friends share public keys
3. Your and your friends' computers all run an application that copies around data (messages, cat pictures, etc.) and signs it with private keys to prove authenticity

Now what happens when you are away from your computer? If there's some way to use a web browser to log into the application running on your computer, that's fine (Opera Unite has done this for some time, for example).

What happens when your computer is not running? One of your friends' computers is running the same application, and has a copy of the data you've shared (dealing with your private data is a whole different problem; the Tahoe-LAFS people seem to me to be engineering a workable solution).

More assumptions:

4. You want to use the same password to log in as your local computer
5. You trust your friends enough to think they won't try to crack your password, but knowing human nature, not enough not to be tempted by a cleartext password lying around

What I think would work as the login mechanism:

If you take your password, assign each of your friends a unique salt [thinking about it more, a single "outside" salt might do], and give them the salt and the PBKDF2 (or whatever) digest of the salt and password, you can do the password checking in any browser with JavaScript by having their machine send the salt to the browser, the browser computing the PBKDF2 digest and sending it back to their machine, and their machine verifying the digest.

If a friend's machine is compromised (or your friend decides to send fake messages on your behalf), you can use your private key to repudiate fake messages signed on your behalf, unfriend the compromised friend, and change your password and push the new hashes out to your remaining trusted friends, when you get back to your machine.

My knowledge of cryptography is fairly rudimentary, so I'm asking for input on the feasibility of this scheme (Manuel Simonyi referred me to this list). Any feedback is warmly appreciated.

Thank you,
Vladimir Sedach
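
The login exchange described in the message above, as an added example that is not part of the original post. Node's `crypto` module stands in for the browser's JavaScript; the iteration count, key length, SHA-256, function names and sample password are all assumptions, since the post specifies none of them.

```javascript
const crypto = require('node:crypto');

const ITERATIONS = 100000; // assumed work factor; the post names no parameters
const KEYLEN = 32;         // assumed digest length in bytes

// Your machine: derive one record per friend, each with its own random salt.
function enroll(password, friendIds) {
  const records = {};
  for (const id of friendIds) {
    const salt = crypto.randomBytes(16);
    const digest = crypto.pbkdf2Sync(password, salt, ITERATIONS, KEYLEN, 'sha256');
    records[id] = { salt, digest };
  }
  return records;
}

// Friend's machine, step 1: send only the salt (and parameters) to the browser.
function challenge(record) {
  return { salt: record.salt, iterations: ITERATIONS };
}

// Browser: compute the digest from the typed password and the received salt.
function browserResponse(password, ch) {
  return crypto.pbkdf2Sync(password, ch.salt, ch.iterations, KEYLEN, 'sha256');
}

// Friend's machine, step 2: constant-time comparison with the stored digest.
function verify(record, response) {
  return response.length === record.digest.length &&
    crypto.timingSafeEqual(response, record.digest);
}

function demo() {
  const records = enroll('correct horse', ['alice', 'bob']); // constructed sample data
  const ok = verify(records.alice, browserResponse('correct horse', challenge(records.alice)));
  const wrong = verify(records.alice, browserResponse('guess', challenge(records.alice)));
  // The stored digest is exactly what the browser sends, so it works as a
  // login credential at the friend who holds it...
  const replayAtSameFriend = verify(records.alice, records.alice.digest);
  // ...while per-friend salts keep it from verifying at any other friend.
  const replayAtOtherFriend = verify(records.bob, records.alice.digest);
  return { ok, wrong, replayAtSameFriend, replayAtOtherFriend };
}
```

The last two checks show what the choice between per-friend salts and a single shared salt decides: with one salt for everyone, a digest taken from one friend's machine would verify at all of them until the password is changed and new hashes are pushed out.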