-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 On 2018-03-17 16:34, Innovative Inventor wrote: > On Friday, March 9, 2018 at 3:19:47 PM UTC-5, Innovative Inventor wrote: >> I was looking at the canaries, and I liked the idea of a proof of freshness >> with the latest news headlines. While people can't create canaries ahead of >> time, it is possible to conspire to modify or backdate one of them after >> they have been published. To prevent this, we could use a blockchain-based >> timestamp, where the hashes of each canary are placed within the blockchain >> of a powerful cryptocurrency. Something similar to these services: >> >> https://opentimestamps.org/ >> http://originstamp.org/home >> >> This way, if there ever is a interruption of canaries, followed by a court >> order or something forcing you guys to backdate a falsified canary or modify >> old ones, we will all be able to check. > > Something that I think can also be added to improve the canaries is to add > NIST's Randomness Beacon to the proof of freshness by adding the output of > https://beacon.nist.gov/rest/record/last.xml. I realize that in most > hypothetical scenarios, a government, is the attacker, but it can't hurt to > add a government to the list of organizations an attacker would have to > attack just to coerce a canary ahead of time. What do you guys think? >
I wasn't aware of the NIST Randomness Beacon. Very interesting. Thanks for bringing it to my attention. As far as I can tell, this looks like a very good source for the Proof of Freshness. Would you like to submit a PR that adds it to the script? https://github.com/QubesOS/qubes-secpack/blob/master/utils/proof_of_freshness_generator.sh - -- Andrew David Wong (Axon) Community Manager, Qubes OS https://www.qubes-os.org -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEZQ7rCYX0j3henGH1203TvDlQMDAFAlqt64UACgkQ203TvDlQ MDD4qQ/9EQrr34iznVASWo801Rv22wQeDOAyPC3td2vUwWg9eQJDww6XV01jTEIf Eq3Ta+Iy6RDR6GtAhMqy23YubT5uSwQm07lSSTZCF8thXFxlcM2iImLbalZg4942 +jsivcqYtgxxiJ93pJXOnb0ClmH4qIItI+bSoX0T47isy4yHeT/xFgJy7D6sriij I56bsOVBuBwMUoogRvlRZ+yuHKTNWr7J2E558d+TgNCSM0hWibgHpftwyH/opF26 zbBY3HeGA3KnBMQ6Gog8gm/cIFtKs2oxK7UAoe583fCMCFMIccgKHDZa0pEOs11t pVmYvN4mb5F/hY3Fx+A0tLSEjbKlwRj75OqfYcXmEu6wcwPiGA4XTSBVGcVQ3hta zPrvLO6nJBuJ6qdIqV8lLJj307EIi0ZXDTDZgL0c7+WpK/Cry+lq9ma0o68ePU12 Ya8MgiTW/OZOnmkS0TOP0VSkE4LchxdxJ1Zbllba5LbY8qnAYBTLKn2jx5dmSF4t 6n+fu+SxwZ/LEFdGZqyOWdM5+euPw+RnQtBs1Vpy9QzysAsu680yFfyYNdAzq2ks QtPaTy0e7pHrPiKze/fkP4Eqihdn7Yxsb5ZIVXgdkF6Aft5qRHCYFXGe0KlrQs5N Q7qhwXqTCAacT3IRMHTq72u/fylPJglUGk47cQxoKIqyemWN1vQ= =Hx4I -----END PGP SIGNATURE----- -- You received this message because you are subscribed to the Google Groups "qubes-devel" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-devel/f7bc688a-bf78-1114-cb07-f61375465d2a%40qubes-os.org. For more options, visit https://groups.google.com/d/optout.
