[EMAIL PROTECTED]: Pseudonymity for tor: nym-0.1 (fwd)]

2005-09-29 Thread Eugen Leitl
- Forwarded message from Jason Holt [EMAIL PROTECTED] -

From: Jason Holt [EMAIL PROTECTED]
Date: Thu, 29 Sep 2005 01:51:32 +0000 (UTC)
To: cryptography@metzdowd.com
Subject: Pseudonymity for tor: nym-0.1 (fwd)



-- Forwarded message --
Date: Thu, 29 Sep 2005 01:49:26 +0000 (UTC)
From: Jason Holt [EMAIL PROTECTED]
To: [EMAIL PROTECTED]
Subject: Pseudonymity for tor: nym-0.1


Per the recent discussion regarding tor and wikipedia, I've hacked together 
an implementation of the basic system from Chaum, Fiat and Naor's 1990 
Untraceable Electronic Cash paper.  This system allows CAs to blindly 
issue tokens (or coins) which can then be spent elsewhere.  It runs in 
perl, and comprises a CA, nym-maker, client application and auth checker 
(for the server).

The tarball is here:

http://www.lunkwill.org/src/nym/

Of course, it's useless at the moment since it gives out tokens 
indiscriminately (and probably has massive bugs), but if anyone actually 
cares about this idea, it will be (more or less) easy to do the following:

* Put up a sample CA and server that people can use (potentially as hidden 
services).

* Make the CA issue only one token per email address, or one token per IP 
address, one per computational puzzle, one for every $20 mailed in...

* Automatically expire CA keys and generate new ones on a regular basis 
(rather than bothering with CRLs)

* Instead of randomly generated tokens, have the CA sign an actual X.509 
cert request, which will then become a perfectly valid X.509 cert useful as 
a client-side cert in unmodified browsers and web servers

* Create some sort of aid for maintaining server-side (or CA) blacklists of 
improperly behaving users

* Check to see if the protocol is actually still secure and properly 
implemented.

Comments welcome.

-J


- End forwarded message -
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a>
__
ICBM: 48.07100, 11.36820            http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
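
The blind issuance and server-side check described in the message above, as an added example that is not taken from the nym tarball or written by its author. It assumes textbook RSA blinding as the primitive, uses a constructed toy key, and all function and class names are hypothetical.

```python
import hashlib
import secrets
from math import gcd

# Toy CA key built from two Mersenne primes (constructed; far too small for real use).
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # CA private exponent

def h(token: bytes) -> int:
    """Hash the token into Z_N (raw RSA on unhashed messages is forgeable)."""
    return int.from_bytes(hashlib.sha256(token).digest(), "big") % N

def client_blind(token: bytes):
    """Client: hide H(token) under a random factor r^E before sending it to the CA."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            return (h(token) * pow(r, E, N)) % N, r

def ca_sign(blinded: int) -> int:
    """CA: sign whatever it is handed; it never sees the token or H(token)."""
    return pow(blinded, D, N)

def client_unblind(blind_sig: int, r: int) -> int:
    """Client: divide out r to obtain an ordinary RSA signature on H(token)."""
    return (blind_sig * pow(r, -1, N)) % N

class Server:
    """Auth checker: accepts CA-signed tokens and refuses blacklisted ones."""
    def __init__(self):
        self.blacklist = set()

    def check(self, token: bytes, sig: int) -> bool:
        return token not in self.blacklist and pow(sig, E, N) == h(token)

def demo():
    token = secrets.token_bytes(16)            # the pseudonym, chosen by the client
    blinded, r = client_blind(token)
    sig = client_unblind(ca_sign(blinded), r)
    srv = Server()
    ok_first = srv.check(token, sig)           # valid token is accepted
    blinded_differs = blinded != h(token)      # CA saw a value unrelated to H(token)
    srv.blacklist.add(token)                   # server bans the misbehaving nym
    return ok_first, blinded_differs, srv.check(token, sig)

if __name__ == "__main__":
    print(demo())
```

The CA could enforce a one-token-per-address or per-puzzle rule before calling `ca_sign`, since that is the only step where it sees who is asking.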



