Saturday, 20 June 2009

Secure communication over Twitter and identi.ca

Proposal - Securing communications through microblogging

It is possible for microbloggers to publish their public keys as a link from their profile. This might be indicated by preceding the URL with a code, such as a double $ dollar sign. Add an agreed symbol, $ for example, at the beginning of the message to indicate that it has been signed by being encrypted with the matching private key.

Similarly, a message encrypted with another's public key could be preceded by $username. A message starting with:

$username $encrypted text

though as will be clear in due course this might not always be desired.

As the message string is short, it should be encrypted directly to as to not lengthen it. As a result, if PGP type encryption were to be used, the message should be treated as the session key, not the body text. Given the sixe of microblogs this should not be onerous.

Message signing

Alice:
  • creates a micro blogging account
  • publishes a link to her public key in her profile
  • posts a message encrypted with her private key, preceded by the $$ code.
Result:
  • anyone can read the message, by using Alice's public key
  • only someone knowing Alice's private key could have sent it
Secure Messaging

Alice and Bob:
  • create a micro blogging account each
  • publish a link to their public key in their profiles
Alice:

  • posts a message encrypted with her private key, and Bob's public key preceded by the sequence $$bob $$.
Result:
  • anyone can see that Alice has sent Bob a message
  • only someone knowing Bob's private key can decode the message
  • only someone knowing Alice's private key could have sent the message
Anonymous Addressing

Alice and Bob:
  • create a micro blogging account each
  • publish a link to their public key in their profiles
Alice:
  • creates a string encrypted with her private key and precedes it with the sequence $$bob.
  • This concatenated string is then encoded with Bob's public key and posted as a message, preceded by $$$.
Result:
  • anyone who uses secure communication with Alice attempts to decode the message using their private key
  • Bob alone will find an encrypted message starting with $$bob, which Bob can then decode
  • no-one can see that Alice has sent Bob a message
  • only someone knowing Bob's private key can know that the message was for him and decode the message
  • only someone knowing Alice's private key could have sent the message

20 comments:

  1. Problem is, if Alice get herself arrested or killed by the authorities, her computer is comprised and with it her private key. The authorities can then use her private key to fake message from Alice.

    Perhaps if the private key is kept somewhere central where Alice has to log into every session, then it becomes slightly more secure.

    Even better would be if the private key becomes accessible using some biometric measure from Alice and a password and perhaps a gadget that possess. ie following the principle of something she has, something she knows and something she is.

    So how about keeping the private key on a fingerprint activate flash drive with a password? Is there such a thing?

    Just a thought.

    ReplyDelete
  2. There are many ways for protecting your private key, have a look at http://www.gnupg.org/gph/en/manual/c481.html for some ideas.

    ReplyDelete
  3. Thanks for the nice information.This will help a lot of users. iPad App Development

    ReplyDelete
  4. These five free basketball game apps for the
    i - Phone will surely help you get your game on. WIFI:Als Verbindungsmoglichkeiten ins Internet stehen
    Ihnen WIFI wireless lan zu Verfugung. Even when things seem hopeless,
    Kiko's narration provides some great comedy relief.

    My page myvideo downloader
    Also see my website: onlineradio

    ReplyDelete
  5. Hi, i believe that i saw you visited my blog so i came to
    return the choose?.I'm trying to in finding issues to enhance my website!I suppose its adequate to make use of some of your ideas!!

    Check out my site - Dead Space 3 Game key

    ReplyDelete
  6. Usually, a brand new website takes about six months to one year to
    appear in the SERPs of Google, assuming the service provider is worth their salt.
    B) SEO basics - Image 2: Select-'English' and 'All Countries and Territories'.
    The tools include efficient internet marketing, proper usage of keywords,
    flawless content and creating social media buttons. The only thing that cannot be
    "fixed" later is your blog and post titles. Organic SEO uses valid and safe techniques to rank your site for its keyword.
    Enough said. Social networking Optimization Websites which include Facebook and You
    - Tube could be the latest examples of how "personal" websites can be appropriated
    for business. Second tool for power suite is website auditor.

    Isn't that something you and your business should be a part of. What are the advantages of article submission. Those who work on introduced SEO power suite, they choose best SEO tools among various tools available in the market. If the comments are created for solely promotional purposes, they will probably get deleted. Advertise by Selling Branded Products. Regardless of whether you like it, love it, or hate it, social media has become a major player in the SEO world, and it is a costly mistake to ignore it. Once you find the right and affordable SEO Company, it is essential to talk about your business objectives, target customers and future goals with the professionals to help them develop their strategies accordingly. It has been designed especially for business purposes and it holds biggest importance for your B2B online marketing strategy. In fact, soon, not using RDFa could put a site at a disadvantage. You will not even get to a 1 or 2 until Google has fully crawled your website or blog enough to give it a ranking. A good web solutions company will always provide you realistic time frame for the results to show up. Yahoo style guide.

    Also visit my web blog :: http://www.backlinkbasis.com/

    ReplyDelete
  7. Good day! I know this is kind of off topic but I
    was wondering which blog platform are you using for this site?
    I'm getting tired of Wordpress because I've had problems with hackers and I'm looking at alternatives for another platform. I would be fantastic if you could point me in the direction of a good platform.

    my website; videos von youtube downloaden
    my site - online radio

    ReplyDelete
  8. Ιt's amazing for me to have a site, which is helpful for my knowledge. thanks admin

    My weblog; visit the next website

    ReplyDelete
  9. The fact that Тоуοta chose tο
    upgгade the еxtеriοг
    styling, inteгior quality аnԁ
    interiоr roominеѕs οf thе redesigned 2012
    Yaris hatсhback rather than upgrading thе powertгain sayѕ a lot
    abοut how Toyotа vіews the needs of small car buуeгs.
    Yet anothеr way to сonstruct a dеvice to haгness energy frοm radіо waves iѕ using
    an antenna, connecteԁ to a seriеs of diоdes and a capacitoг bank that iѕ eаrthed.

    Proffering multifarіоus benefitѕ to the аdѵertiѕeгs, it is a quinteѕsential resort for companies big oг small.


    Fееl free to surf to my blog - youtube downloader online

    ReplyDelete
  10. Essentially, it is usually drastically more affordable in the event you exchange the actual battery oneself, as opposed to finding a storage area
    to get it done. If you don't want to use Safari to navigate to pages, zoom in, and read articles, Byline may be just the app for you. Both Intel and AMD contain information built in the processor to allow the processor to be used efficiently with mobile computing saving on battery life while giving the best performance.

    My homepage kostenlos spielen ohne anmeldung

    ReplyDelete
  11. Pop the battery ribbon connector out and remove the battery, again held in with a dab of glue.

    Remove other nearby wireless devices, such as a cordless or cellular telephone and make sure the mouse is
    at least eight inches away from a wireless keyboard.
    Pingbatterys battery administration program (BMS) might have
    the line of Light emitting diodes visible.

    Here is my weblog :: radiosender

    ReplyDelete
  12. - Portion with certain human being variety numerator and denominator, involving 0 and a
    single (e. Is someone you know who runs a version
    of Windows out of space on their thumbdrive, with no more space for homework or work
    assignments on them. You could also do your very own version connected with makeovers and allow a celebrity a whole different start
    looking.

    Feel free to surf to my blog :: kostenlos spiele spielen

    ReplyDelete
  13. Drama Free Radio's mission as a Christ centered company is to search high and low for the best independent artists, authors and speakers to introduce and promote those that focus on messages that inspire and motivate the listener to be all that God created them to be. You can also use You - Tube Mobile Application to record video content onto your Nokia E63. Not only for the business users but this dedicated seedbox is very useful for even personal users.

    Have a look at my homepage :: just click the up coming internet site
    My page :: http://pactchichenroti.webs.com/apps/blog/show/24208602-reasons-why-you-should-upgrade-your-appliances-to-energy-star

    ReplyDelete
  14. The particular electronic cigarette ego basic starter kit is fantastic for new users.
    However, it is still possible to insect the terminals and make sure there is no corrosion.
    Both Intel and AMD contain information built in the processor to allow the processor to be used efficiently with mobile computing
    saving on battery life while giving the best performance.


    Feel free to surf to my webpage; myvideo downloader

    ReplyDelete
  15. These five free basketball game apps for the i - Phone will surely help you get your game on.
    One way to test yourself is to deal yourself hand after
    hand in front of a mirror and watch yourself as you
    react to the cards. Even when things seem hopeless, Kiko's narration provides some great comedy relief.

    Here is my webpage internet radio
    My page: spiele spielen

    ReplyDelete
  16. The Federal Emergency Management Agency (FEMA) has made available to communities literature which provides guidance
    and technical information educating communities on how to
    become disaster resistant in the face of natural disasters.
    An alternate electrical power source reduces the probability that the access technique will
    turn out to be inoperable via strength reduction and aid conserve battery
    lifestyle. Although, sound card is integrated device, it functions similar
    to brightness of the screen when talking about power consumption.


    Feel free to surf to my web page :: www.preciousmin.com

    ReplyDelete
  17. Tomb Raider, Mega Moolah, Mermaid's Millions, and Blackjack are some of the new Android game apps that have been released from Microgaming's partner,
    Spin 3. Some viewers might even wonder why Sam doesn't simply pick up the phone and call the police, though the story is so engaging that the audience can easily overlook those issues. Perhaps it's a good thing that he doesn't get too kinky'after all, the short films are supposed to encourage fans to go green, not to daydream about being tied up in Christian's Red Room of Pain.

    My website: opiates

    ReplyDelete
  18. I see the Fox News coverage of this seedling boycott as a way to push
    readers and viewers of the channel to support a business which displays
    the save anti-Obamacare stance as the network.

    Small business taxes are due and owing if a hobby has grown into a business
    venture. The big business fish is used for food
    to feed our world but only a few are used for fish when they come off a hook
    on the end of our line.

    my web-site: cadillac cts v

    ReplyDelete
  19. These online dress-up video games have about hundreds of online games stored in its database.

    Like a pc when much too many programs are downloaded at the moment the process can shut lower from overuse.
    Many games have role-playing incorporated and
    from the young age kids quickly learn from your heroes they choose to be.



    Also visit my web site ... gratis spiele spielen

    ReplyDelete
  20. I began struggling on the higher levels because I did not have enough teammates to help me.
    For most young people, playing games on a computer,
    video game console, or handheld device is just a regular
    part of the day. Although others may not have a
    specific machine for her, but at least they have most likely computers in
    their homes.

    Here is my webpage :: gratis spiele spielen

    ReplyDelete