Monday, February 28, 2011

DP – Chapter 01 Privacy Enhancing Technology

Chapter 1 of Digital Privacy is about privacy-enhancing technology. The email privacy techniques it covers are the result of common sense, based on understanding how an email travels over networks and into harm's way, where it is exposed to those wanting information about the senders.

The first thought is, ‘How can the sender's identity be made anonymous?’ The initial technique, Type 0, uses remailers that remove the sender's ID and replace it with a pseudonym. The problem occurs when someone obtains a list of pseudonyms, which uncovers the sender's real identity.

The next step, Type I, was chaining with encrypted data. Since a number of emails are traveling across a proxy server, the order was changed so that the first email packet in was not automatically the first packet out. Traffic analysis, however, uncovered size relationships, which are pieces of information that can be used to trace the originator.

To obviate this traffic analysis, that is, to make the analysis more complex, the packets were sized equally in the Type II techniques. Type III added further techniques to provide more anonymity.
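The gap between Type I and Type II described above, as an added example that is not from the book or this post: a batch mix that reorders messages, and an observer who links inputs to outputs by length alone. `BLOCK`, the function names and the sample batch are assumptions made for illustration.

```python
import random
import struct
from collections import Counter

BLOCK = 512  # constructed fixed packet size, not a value from the post


def pad(msg: bytes, size: int = BLOCK) -> bytes:
    """Length-prefix the message and zero-fill it to exactly `size` bytes."""
    if len(msg) > size - 2:
        raise ValueError("message does not fit in one fixed-size packet")
    return struct.pack(">H", len(msg)) + msg + bytes(size - 2 - len(msg))


def unpad(packet: bytes) -> bytes:
    """Recover the original message from a padded packet."""
    (length,) = struct.unpack(">H", packet[:2])
    return packet[2:2 + length]


def mix_batch(batch, rng, fixed_size=False):
    """Hold a whole batch, optionally pad it, and emit it in random order."""
    out = [pad(m) if fixed_size else m for m in batch]
    rng.shuffle(out)  # first in is no longer first out
    return out


def linkable_by_size(sizes_in, sizes_out):
    """Count inputs an observer can tie to one output from length alone."""
    seen_in, seen_out = Counter(sizes_in), Counter(sizes_out)
    return sum(1 for s in sizes_in if seen_in[s] == 1 and seen_out[s] == 1)


# Constructed sample batch: the observer sees only lengths, because the
# chained encryption hides content.
SAMPLE = [b"a" * 40, b"b" * 173, b"c" * 300, b"d" * 40]


def demo(seed=7):
    """Return (linkable without padding, linkable with fixed-size packets)."""
    rng = random.Random(seed)  # seeded for repeatability; use a CSPRNG in practice
    reordered = mix_batch(SAMPLE, rng)
    padded = mix_batch(SAMPLE, rng, fixed_size=True)
    sizes = [len(m) for m in SAMPLE]
    return (linkable_by_size(sizes, [len(m) for m in reordered]),
            linkable_by_size([BLOCK] * len(SAMPLE), [len(p) for p in padded]))


if __name__ == "__main__":
    print(demo())
```

With reordering alone, the two messages of unique length are still traceable through the mix; once every packet is the same size, length tells the observer nothing.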

There are a number of interactive anonymity and pseudonymity systems. Pipenet was the beginning, but the original concept shut down the entire link when a breach was found. Anonymizer.com initially used a Type 0 remailer for Web services. Then the Onion Routing method, encryption in layers, was developed by the US Navy research offices. The Freedom Network used the Onion concept but depended on paid support for its proxy servers. Tor followed, with nodes run by volunteers.

Today, there are a number of communication privacy systems with familiar names that have evolved since their beginnings: PGP, or Pretty Good Privacy, for email; Secure Sockets Layer and Transport Layer Security for web traffic; and Off-the-Record Messaging for IM. Off-the-Record Messaging provided deniability for IM participants.

                       
For a look at one review of certificate authorities:

For one list of Trusted Root Certificate Authorities, 2/10/2010, and BuiltInCAs-January-2011
