by GuidoW 1894 days ago
My beef with many chat apps is to have to authenticate with my telephone number or an email address. Both are hard to acquire in sufficient quantities for a 'normal' user.

So I came up with a decentralised authentication system.

It offers easy key exchange between total strangers. Once they create a private channel there is no way for authorities to take it back.

Here's the protocol:

Signup:
- each site operates an automated CA;
- an account is a nickname and public key;
- the site's CA creates a certificate binding the nickname, public key and site-root-CA together;
- the user's User Agent does the hard work of the crypto.

Requirement: the nickname and public key have not been seen before; the CA rejects the request when either has been seen before. This creates a one-to-one mapping between nicknames and public keys. This one-to-one relationship will be verified. All hell breaks loose for the automated CA that cannot comply with that simple requirement: uniqueness.

Posting messages:
- users can create as many accounts as they like at each site;
- users can post public messages at that site; the messages are signed using the account's private key.

Reading messages:
- the site publishes the message signature along with the message (perhaps hidden with CSS);
- the user's user agent verifies the signature;
- if the signature matches (and the uniqueness requirement holds), the agent offers the user the option to write a private message, encrypted using the public key that has been validated from the signature.

The reader then writes a private message to the writer of a post. The site delivers it (or not). But if yes, then we have a successful key exchange between two people who have never met in real life!

To repeat: This does not give any certainty about the person behind the signed message, all it offers is a key exchange between strangers.

This opens new avenues. Suppose the reader (of the message) starts a Tor hidden service and sends the onion address to the writer. When the writer wants to, he connects to the reader, both authenticate using their private keys and set up a session key. They now have a secure channel, independent of the site. In fact, when the site gets censored, this channel remains.

I wrote a lot about this on my site: https://eccentric-authentication.nl/
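A minimal model of the signup and reading steps described in the post, added here as an example; it is not the author's code and not taken from eccentric-authentication.nl. It assumes Ed25519 for both the site CA and the account keys (the post names no algorithm) and a NUL-separated nickname||key encoding as the to-be-signed certificate body; the CA's uniqueness sets and the reader-side double check (CA binding, then post signature) are the security-relevant parts.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"errors"
)

// Cert binds a nickname and a public key to this site; Sig is the CA's signature over certBytes(Nick, Pub).
type Cert struct {
	Nick string
	Pub  ed25519.PublicKey
	Sig  []byte
}

// SiteCA is the automated per-site CA; it must remember every nickname and key it has certified.
type SiteCA struct {
	priv  ed25519.PrivateKey
	Pub   ed25519.PublicKey
	nicks map[string]bool
	keys  map[string]bool // keyed by the raw public-key bytes
}

func NewSiteCA() *SiteCA {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &SiteCA{priv: priv, Pub: pub, nicks: map[string]bool{}, keys: map[string]bool{}}
}

// certBytes is the assumed to-be-signed encoding; the NUL keeps nickname and key bytes apart.
func certBytes(nick string, pub ed25519.PublicKey) []byte {
	return append([]byte(nick+"\x00"), pub...)
}

// Issue enforces the uniqueness requirement: a nickname OR a key seen before is rejected.
func (ca *SiteCA) Issue(nick string, pub ed25519.PublicKey) (*Cert, error) {
	if ca.nicks[nick] || ca.keys[string(pub)] {
		return nil, errors.New("nickname or public key already certified")
	}
	ca.nicks[nick], ca.keys[string(pub)] = true, true
	return &Cert{Nick: nick, Pub: pub, Sig: ed25519.Sign(ca.priv, certBytes(nick, pub))}, nil
}

// VerifyPost is the reader's user-agent check: CA binding and post signature must both verify before offering encryption to c.Pub.
func VerifyPost(caPub ed25519.PublicKey, c *Cert, msg, sig []byte) bool {
	return ed25519.Verify(caPub, certBytes(c.Nick, c.Pub), c.Sig) && ed25519.Verify(c.Pub, msg, sig)
}
```

A reader's agent that skips the first half of VerifyPost would happily encrypt to any key the site chose to publish next to a post, which is exactly what the certificate binding is meant to prevent.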