Introduction
Starting with classical cryptography, from its inception to its rebirth into modern cryptography, there has always been a problem of transferring an encryption key between subjects. The problem was partially solved in the second half of the 20th century, with the emergence of an asymmetric section of cryptography, when an eavesdropping attack became impossible [1]. Nevertheless, the original problem still remains and is exploited to this day, albeit in a veiled form.
The obstacle that has become on the solution of the problem lies in the element of trust, in its presence and in its absence. If you do not take any measures to establish trusted connections, then any connections will a priori be subject to MITM (man in the middle) attacks. On the other hand, if you establish trusted connections, then the possibility of MITM attacks does not disappear, but decreases. And now, along with the original subjects, there are intermediate, interstitial subjects (servers, nodes for storing and transmitting information), chosen by us, and are legally established attackers. Only by limiting the range of attack, they do not stop potentially attacking. These nodes know all information transmitted by us and to us: hobbies, interests, hobbies, entertainment, messages. Further, this information (object), as often happens,begins to convert into advertising, on the basis of which the capital of all the same intermediate entities increases. As a result, the whole problem is completely turned upside down, and now, instead of looking for a connection for eavesdropping, the attacker creates it himself, he himself becomes the foundation of listening in the guise of a server, and people, in turn, only choose the face of the one who is behind they will be closely watched.
It is not possible to destroy such a system of trust because of the emergence of more general and destructive types of attacks, as well as because of the impossibility of completely eradicating trust as such [2, p.267]. Thus, all that remains is to improve this system, to make it so that its mechanism itself tends to reduce the power of trust *, so that its own structure represents the protection of objects and the anonymity of subjects. Systems of this kind include anonymous networks and covert communication channels.
The power of trust
* β , , . , , , , , . , , , . . , - . , , , , . , (-, ), , .
, , β , . , , β , , , . /, . , .
, , (, ). , , , . , .
, , . ( - ) , , . , . , . , , , , .
, , . , . : , . β β ( ), - . , . β β ( ), . , ββ , (-) .
, . , , / . , . , / , , , , . , .
- , , , , . (2,3,4,5,6 ).
|A| = 0*. .
-, -. , (, IP-, , ). . , , , , - . , , |A| = 1. -.
, , - . , , , lim|A|βC, C - - . , . , ( ) - , - , .
. , , , , , . , , ( ) . , , , [3] .., ( , ). , , , , , , - , [4, .398]. , , , . , ( ) () () . , - 0 < |A| β€ N, N - . , , , .
, , . . , lim|A|βC, C - . , Tor ( ), I2P ( ) ..
, , , ( ) . , , . 0 < |A| β€ N(C+1), N - , C - . , , . , , , .
, , , , , , - .
, , , [5, .223]. , , , , , . , . , , . , .
, , ( ), , , ( ). , , ( , ) . , , . , , , , , (lim|A|β1) . , , , , . , , . , . , . , . , , . :
. , . , , , , , . -- ( friend-to-friend), β . , , , . , , - , - . , , , , , , . friend-to-friend (f2f) , , , .
β . , , , () / (). , - , , . , . O(N) . , , N , N-1 . (TTL) , , , , .
, , , . , . , , , , , . , . , , :
β , . , . , . , , , .
. , - . , , A B, A**. Tor, , ββ, .
. , , . , . , , , . , . , . , , , β , ββ . , , . , , - -.
[6]
import (
"bytes"
)
func RoutePackage(sender *PrivateKey, receiver *PublicKey, data []byte, route []*PublicKey) *Package {
var (
rpack = Encrypt(sender, receiver, data)
psender = GenerateKey(N)
)
for _, pub := range route {
rpack = Encrypt(
psender,
pub,
bytes.Join(
[][]byte{
ROUTE_MODE,
SerializePackage(rpack),
},
[]byte{},
),
)
}
return rpack
}
, {A, B, C} ( β A) , , ( , ). , , , , , . , , , : (A β B A β C) β (B β C C β B) β (B β A C β A), , : (A β B A β C) β (B β A C β A)***. , (), . , ( , ), ( , ). , , , , , : (1) - (1) - (2) (1) - (1) - (1). , ( ), (2) (2), . , ( ) k n ( n = 2), (k, 2) = 2 ( β ), , k = 2, : (A β B A β C) β (B β C C β B) β (B β C C β B) β (B β A C β A). , : (1) - (1) - (2) - (2) (1) - (1) - (~1) - (1), . , (1) = (1), (2) = (1), (2) = (~1). (1), , . - , . , (3) = (2), .
, , , , . , , - , - , - - . , . , :
. , , . , . , , .
. , , , , , . , .
, , , , ( ). T, (2+k, 2) ( - ), , k = 2 4. , , , ( ). , , , , . :
k ( , ).
k [1;n], n < N ( ).
* β , , , . , ( ). , ( ).
** β , , . , , . .
*** , , , .
, , - , , , . , , , , - . , :
, , - , / [7] . , , (, ), (). (), .
, , , , . , , . , . , , , . ( |A| = 1), . , , . , , , , . - β ( ).
, , , . , , , . , , , , . , -, -, , , . , . , ( , ) 2MiB, 256KiB.
, , . , , , . , , (, ..), , . , , , . , , .
, , , . , , . , ( , , ), , .
, , , , , [8, .720]. , , , , , . , , , . , - , .
, , ( ), , ( ), ( ) ( , ).
, , , , . [2, .58][8, .80].
. , , , , , .
, . , , . . . .
, , , , , , - , . , , ( , ) .
import (
"bytes"
"encoding/hex"
)
func Encrypt(sender *PrivateKey, receiver *PublicKey, data []byte) *Package {
var (
session = GenerateBytes(N)
rand = GenerateBytes(M)
pubsend = PublicKeyToBytes(&sender.PublicKey)
hash = HashSum(bytes.Join(
[][]byte{
rand,
data,pubsend,
PublicKeyToBytes(receiver),
},
[]byte{},
))
sign = Sign(sender, hash)
)
return &Package{
Head: HeadPackage{
Rand: hex.EncodeToString(EncryptS(session, rand)),
Sender: hex.EncodeToString(EncryptS(session, pubsend)),
Session: hex.EncodeToString(EncryptA(receiver, session)),
}, Body: BodyPackage{
Data: hex.EncodeToString(EncryptS(session, data)),
Hash: hex.EncodeToString(hash),
Sign: hex.EncodeToString(EncryptS(session, sign)),
Npow: ProofOfWork(hash, C),
},
}
}
, , ( ) . , .
() , , , .
import (
"bytes"
"encoding/hex"
)
func Decrypt(receiver *PrivateKey, pack *Package) (*PublicKey, []byte) {
// Check proof.
hash, err := hex.DecodeString(pack.Body.Hash)
if err != nil {
return nil, nil
}
if !ProofIsValid(hash, C, pack.Body.Npow) {
return nil, nil
}
// Decrypt session key.
eskey, err := hex.DecodeString(pack.Head.Session)
if err != nil {
return nil, nil
}
skey := DecryptA(receiver, eskey)
if skey == nil {
return nil, nil
}
// Decrypt public key.
ebpubsend, err := hex.DecodeString(pack.Head.Sender)
if err != nil {
return nil, nil
}
bpubsend := DecryptS(skey, ebpubsend)
if bpubsend == nil {
return nil, nil
}
pubsend := BytesToPublicKey(bpubsend)
if pubsend == nil {
return nil, nil
}
// Decrypt and check sign.
esign, err := hex.DecodeString(pack.Body.Sign)
if err != nil {
return nil, nil
}
sign := DecryptS(skey, esign)
if sign == nil {
return nil, nil
}
if !Verify(pubsend, hash, sign) {
return nil, nil
}
// Decrypt rand.
erand, err := hex.DecodeString(pack.Head.Rand)
if err != nil {
return nil, nil
}
rand := DecryptS(skey, erand)
if rand == nil {
return nil, nil
}
// Decrypt data.
edata, err := hex.DecodeString(pack.Body.Data)
if err != nil {
return nil, nil
}
data := DecryptS(skey, edata)
if data == nil {
return nil, nil
}
// Check hash.
check := HashSum(bytes.Join(
[][]byte{
rand,
data,
PublicKeyToBytes(pubsend),
PublicKeyToBytes(&receiver.PublicKey),
},
[]byte{},
))
if !bytes.Equal(hash, check) {
return nil, nil
}
return pubsend, data
}
, , , , ( ), n- , i- . , β‘M/nNβ€+1 , M - , N - . , , .
, ( , ), , ( ) ( ). , . . , , . , , (, ), (, ) ( , ). ( ), .
. ., . . [ ]. β : https://ee.stanford.edu/~hellman/publications/24.pdf ( : 19.12.2020).
, ., , . . / . , . . . - .: Β«, 2005. - 420 .
, . : [ ]. β : https://bitcoin.org/files/bitcoin-paper/bitcoin_ru.pdf ( : 19.12.2020).
, ., , . / . , . . β .: , 2017. - 960 .
, . ., , . . / . . , . . . - .: - , 2019. - 300 .
Donovan, A.A., Kernighan, B.U. Go programming language / A.A. Donovan, B.U. Kernighan. - M .: LLC "I.D. Williams ", 2018. - 432 p.
Shelukhin, O. I., Kanaev, S. D. Steganography. Algorithms and software implementation / O.I. Shelukhin, S.D. Kanaev. - M .: Hotline - Telecom, 2018 .-- 592 p.
Schneier, B. Applied Cryptography. Protocols, algorithms and source codes in C / B. Schneier. - SPb .: OOO "Alpha-kniga", 2018. - 1040 p.