Silk Road forums
Discussion => Security => Topic started by: someone2222 on August 17, 2013, 07:56 pm
-
Any intelligent person would have concluded long ago that we are all already being tracked traced and monitored. The leaks by Edward Snowden have given some insight into the methods that are used to track trace and monitor users over the internet and other public communication methods. I have heard about off limits floors in att datacenters as early as 1995 being used to monitor all phone and data traffic.
Part of the disclosure spoke about identifying people through grammar and punctuation. If you use the same grammar and punctuation on this site as you do elsewhere you can be identified. Try as much as possible to change the way you speak vocabulary used kill the smileys and superfluous punctuation. Attempt to speak like everyone else so that they are unable to tell one person from another. Stop using conjunctions phrases and acronyms which can be used to identify you elsewhere on the internet.
Encryption gives you a false sense of security. Any encryption method can be exploited by a man in the middle attack if not authenticated against a third party certificate authority except in cases where encryption keys are exchanged in person. I am not saying not to use encryption only that you should be aware that encrypted communications are not necessarily safe. A middle man attack works by having a third party intercept the encryption keys for both ends. Point A will request the encryption key from Point B and vice versa. The middle man intercepts the requests from A and B and sends their own replies negotiating the keys independently. Point A and B never authenticate directly with each other. The middle man is then able to view or alter text as desired before delivering it to the intended destination. All key exchange methods are vulnerable to this exploitation. The only exceptions to this are where a trusted certificate authority can be used and only when you can trust the public key of the certificate authority. In the case of silk road where pretty good privacy is primarily used the public keys can be altered on the fly to allow interception and manipulation by a third party before sending the content to its final destination. Tor has been known to have controlled relay points for a long time and these middle man methods can be used to intercept encrypted messages.
As I said previously I am not saying not to use encryption but that you should be aware it is not a full proof method for privacy. The only method of encryption you can trust is one where keys are physically and in person passed from person to person. Always double check any public pgp key posted by yourself to be sure that what you posted is what you intended to post.
-
I agree that man in the middle attacks could be a problem here, specially if Silk Road is ever compromised. Because the site itself is the main place where customers get their vendors' public keys, if it was ever taken over it could act as a man in the middle and be used to unmask the addresses of customers. This makes encryption worthless and poses a real problem for small-time dealers who buy in bulk.
We could prevent this by asking vendors to store their keys on a clearnet keyserver, or by inventing some sort of decentralized, tor-based keyserver or verification technology if it doesn't already exist
-
Is the OTR encryption protocol vulnerable to this type of attack? It utilizes fingerprint verification using "question and answer", "shared secret", and manual fingerprint verification and obviously XMPP servers use SSL.
I so do not understand how they could do this with a diffie-hellman exchange as only public keys are shared between clients and the private key of each person would be required to decipher the conversation.
More info on this would be appreciated.
-
Is the OTR encryption protocol vulnerable to this type of attack? It utilizes fingerprint verification using "question and answer", "shared secret", and manual fingerprint verification and obviously XMPP servers use SSL.
I so do not understand how they could do this with a diffie-hellman exchange as only public keys are shared between clients and the private key of each person would be required to decipher the conversation.
More info on this would be appreciated.
Diffie hellman key exchange can be attacked by a man in the middle as can any other key exchange method. Diffie hellman assumes that the channel that it is talking to when generating the key is point B and not actually someone who has intercepted the key exchange request. If you are point A attempting to communicate with point B but point C intercepts both requests and answers these queries independently point A would receive point Cs key and point B would receive point Cs key. The communication then flows from A to C to B. A encrypts using Cs key. B encrypts using Cs key. C plays middle man for A and B.
Adding a shared secret to the mix is only as secure as the method which was used to exchange the key. If you share a key in clear text in IM or email any party can pick that up. If you preshare a key in person through a medium which cannot be eaves dropped logged or monitored then yes it is secure. No middle party can intercept any communication without knowing the key used by both parties. If you never renegotiate key except over an already secure medium you can be sure of security unless one of the parties is compromised.
The problem is if A never communicates directly with B and only communicates directly to C who communicates to B. Then any keys or negotiations are done with C and not B and the channel is never secure. The only way around this is using a certificate authority which still relies on trust of an authoritys public key or to exchange keys in person. The certificate authority itself could still be compromised.
For darknet encryption the best way would be to exchange keys in person. The second best way would be to have a certificate authority which can be used and trusted to verify certificates. Due to the possibility of a single certificate authority being compromised it would be ideal to have a multiple certificate authority system where a single public key is signed by 10 or more certificate authorities. The client could then contact these certificate authorities and verify a percentage of them before returning a valid result. For instance of 10 certificate authorities 8 must return a matching result for the result to be trusted. The public keys for these certificate authorities could be preshared on hard copy or on secure locations on the normal net. The way that these certificate authorities are setup in the normal net is to include them by default in the browser package. So when a user would download tor it could contain these darknet certificate authority keys by default.
-
what if the actual tor browser was somehow compromised and an update included a backdoor? I know it being open source it would eventually be discovered but how long would that take?
-
Regarding identification by habits and patterns in style, someone should write a program to automatically restyle and restructure text, sort of like a spellcheck or auto correction it could offer suggestions and ID areas of concern. Maybe offer some synonyms and reworded sentences.
-
Perfect forward secrecy, 256-bit encryption or greater (especially elliptic curve cryptography) and 2048-bit or greater asymmetric RSA encryption are all admitted nightmares to the NSA. Snowden's stuff has shown what they fear behind the scenes. Use those things with long enough passphrases and you're golden.
One more thing: to stay far enough ahead of the government be sure to use 4096-bit RSA keys for GPG
-
No chance. A whole team of volunteers works on the code. A whole TEAM. The compiled code is always reviewed by multiple people to be consistent with the source before anything gets out the door. Otherwise Tor would've been compromised a long time ago. If you're this concerned about Tor then make sure to verify every build with the correct GPG key and the ASC file that goes with each executable.
what if the actual tor browser was somehow compromised and an update included a backdoor? I know it being open source it would eventually be discovered but how long would that take?
-
Diffie hellman key exchange can be attacked by a man in the middle as can any other key exchange method. Diffie hellman assumes that the channel that it is talking to when generating the key is point B and not actually someone who has intercepted the key exchange request. If you are point A attempting to communicate with point B but point C intercepts both requests and answers these queries independently point A would receive point Cs key and point B would receive point Cs key. The communication then flows from A to C to B. A encrypts using Cs key. B encrypts using Cs key. C plays middle man for A and B.
@someone: you're talking about things like SSL or what Tor uses - "traffic encryption", right?
But if I use the Public key of someone for encryption no man in the middle can decrypt my message/address.
He needs to have the private key of my partner.
In your scenario all the traffic is en- & decrypted with the keys of "C".
I only want to make one point clear: if everybody uses PGP for send his/her address/messages to vendors
then they are on the safe side (regarding mitm-attacks)
Best regards,
pf
-
what if the actual tor browser was somehow compromised and an update included a backdoor? I know it being open source it would eventually be discovered but how long would that take?
It wouldn't take long, as the sources are uploaded on version control/source code managing websites which shows you which lines of code were updated recently. You don't have to go through the whole program code again to see if there is any backdoor. Just the few 100 lines which were updated.
However the person who compiles the browser into a binary form may have added code which is not visible on the on the version control websites. This is quite unlikely though.