The Bastard Child of alt.anonymous.messages and Bitcoin
DARPA has called for proposals for a new anonymous secure messaging system. The design parameters they’ve selected suggest a type of messaging system that has known strong security properties. Although it may seem novel, the fundamentals are actually quite old, even for the Internet.
The principle of a public signal with a private meaning is positively ancient; it even appears in the Bible (Joshua 2:18). Encryption lets that private signal carry arbitrary content rather than a single pre-arranged meaning, while keeping it secure. The privacy comes from the secrecy of the interpretation: only the intended recipient can decipher the meaning of the symbol.
Converting this ancient system of signaling into a digital system of message exchange was first done in the early 1990s by the cypherpunks with alt.anonymous.messages.
Shared Message Board, Private Messages
The core idea that DARPA is asking for is a message system of the “public message board, private message” type. In this system, messages are encrypted to the recipient(s) and then posted publicly. Everyone participating in the system fetches all the messages, which provides cover traffic, but only the target can decrypt and read the content. This sort of “messaging scrum” protects metadata by ensuring that, from an observer’s point of view, every participant is equally likely to have been the intended recipient.
As one might expect, this is not a new idea in secure messaging. There have been several implementations of it in the past, including its use by some extremely successful illicit organizations.
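To make the “messaging scrum” concrete, here is an added Python model of the shared board; it is not code from the DARPA proposal, AAM or any existing implementation. Each recipient is represented by a symmetric key that stands in for their PGP key, a toy HMAC-based cipher stands in for PGP’s encryption, and every reader downloads the whole board and trial-decrypts each message.

```python
import hashlib, hmac, secrets

def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Toy PRF stream (HMAC-SHA256 in counter mode) standing in for PGP's cipher.
    out, counter = b"", 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def seal(key: bytes, plaintext: bytes) -> bytes:
    # Encrypt-then-MAC; the blob is nonce || ct || tag and names NO recipient.
    nonce = secrets.token_bytes(16)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    return nonce + ct + hmac.new(key, nonce + ct, hashlib.sha256).digest()

def unseal(key: bytes, blob: bytes):
    # Plaintext if the tag verifies under this key, otherwise None.
    if len(blob) < 48:
        return None
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, nonce + ct, hashlib.sha256).digest()):
        return None
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))

def post(board: list, recipient_key: bytes, plaintext: bytes) -> None:
    # Anyone may append; the board plays the role of the newsgroup or chain.
    board.append(seal(recipient_key, plaintext))

def fetch_all(board: list, my_key: bytes) -> list:
    # Every participant downloads EVERY message (the cover traffic) and
    # trial-decrypts it; only a tag match shows a message was meant for them.
    return [pt for blob in board if (pt := unseal(my_key, blob)) is not None]

def demo() -> dict:
    # Constructed keys: each stands in for one participant's PGP key.
    alice, bob, carol = (hashlib.sha256(n).digest() for n in (b"alice", b"bob", b"carol"))
    board = []
    post(board, alice, b"meet at the usual place")
    post(board, bob, b"package arrived")
    post(board, alice, b"ack")
    return {
        "alice": fetch_all(board, alice),
        "bob": fetch_all(board, bob),
        "carol": fetch_all(board, carol),          # downloads all, reads none
        "observer": [len(b) for b in board],       # lengths still leak: pad in practice
    }
```

A passive observer of the board sees only opaque blobs with no recipient field, which is the property the scrum relies on; note that message lengths are still visible, so a real deployment would pad every message to a fixed size.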
Alt.Anonymous.Messages
During the heyday of the cypherpunks and Usenet, there was a very active attempt to create a shared-inbox style secure messaging system. This system used the alt.anonymous.messages newsgroup for storing the messages, PGP for encryption, and remailers to strip email metadata. The technologies of the time were limited, so a great deal had to be done by hand. This both limited adoption and led to some serious problems.
The core principles of the design are extremely secure, but the implementation left too many openings for operational errors, of which there were many.
Tom Ritter eventually analyzed the Usenet AAM archives and was able to unmask a number of posters. His presentation of that work is the official death knell of the system.
YardBird
Based on the core ideas of the “public message board, private messages” approach pioneered by AAM, a pedophile group adopted the Usenet + PGP + remailer security protocol. This group was extremely successful in maintaining security even after they were infiltrated by undercover police for over a year. I have analyzed the group’s security practices in more detail elsewhere.
Fundamentally, the group’s security came from its members remaining anonymous within the group’s messages, so that even when the content was available to police (which it was) the members’ identities were not exposed. The encryption provided by a shared PGP key (which allowed group members to read the messages) protected message content from third-party scrutiny. The use of Tor and remailers protected the individuals from discovery through metadata analysis.
Put it on the Blockchain
The DARPA proposal is essentially based on the same security principles as the old AAM list. The primary novel approach is to replace Usenet groups with “the blockchain.” Each user of the system will be able to participate in the blockchain and thus everyone will have access to all the messages. Adding data to the blockchain, in the form of messages, can be done by anyone.
The system will have some similarities with BitMessage, although its true origin lies as far back as alt.anonymous.messages.
Looming Pitfalls
There are problems with a blockchain based message system. The main issue is scalability: scaling up to millions of users is a serious problem, one that Bitcoin is experiencing now. Mobile users are a further problem, since they don’t have the bandwidth, battery, CPU or disk space to process huge volumes of data all the time.
Bring It On
Despite the potential problems with blockchain based messaging, the attempt to solve “anonymous messaging” is laudable. This system design is based on sound security fundamentals and has a proven track record of success in the face of nation state level adversaries. I’m excited to see how it turns out.