Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - astor

Pages: 1 ... 92 93 [94] 95 96 ... 208
1396
Security / Re: Theory: Blind markets
« on: May 10, 2013, 01:26 pm »
See, that's why I was hoping for your input. I'm sure there are innovative crypto concepts that would be helpful here, which I simply don't know about. :)

1397
Security / Re: Theory: Blind markets
« on: May 10, 2013, 04:30 am »
I also came up with an equivalent to vendor reviews. Since most vendor reviews are 5 or 1 in practice, we can reduce that to 1 or 0, or signed (endorsed) or not. Vendor reviews can be based on a web of trust of anonymous transaction signing. When transactions are successful, buyers can sign them, even though others don't have their keys. They can still see that many seller transactions were signed by many anonymous buyers. So, when the seller provides his identity key, you are exposed to the number of transactions, the prices involved (to protect against sellers making 100 purchases of $1), the number of resolution disputes (through a special mark on the transaction), and the number of endorsements (or anonymous key signings).

The key difference is that you can't prove what the products in any of the transactions were.

1398
Security / Re: Theory: Blind markets
« on: May 10, 2013, 04:23 am »
So, while discussing this with some people, I overlooked a trivial defense against linking prices to listings. A seller could list a legal item at the same price. If a buyer wants to evaluate a seller, he asks for the seller's identity key. With that, he knows how many transactions the seller was involved in, and the amount of BTC involved in each transaction. Let's say the seller has one item, a gram of cocaine at $98.50 (a unique price, which is dumb to begin with, but go with it). My idea with fuzzing prices was that the seller would accept random transactions between $88.50 and $108.50 (or some range), so the public price couldn't be linked to the listing. But if the seller simultaneously lists a legal item (or two or three) for $98.50, then there's no way to prove (within the requirements of the legal system) that the other $100K in previous transactions were cocaine.

If the buyer is LE, all he could do is present a list of transactions at the same price, even though other products exist at the same price. He couldn't prove how many of each product were sold.

I really need to bounce these ideas off kfm.

1399
Security / Re: Theory: Blind markets
« on: May 10, 2013, 12:11 am »
Perhaps the prices could be "fuzzed" within a range. ie, the seller puts up a product and says that it can sell for between 1.0 and 1.2 BTC. The buyer agrees to buy it and initiates the transaction (or gets an escrow agent to initiate it), and the system picks a uniformly random value between 1.0 and 1.2 BTC to create the transaction. With enough overlapping price ranges, you wouldn't know which transaction price links to which product.

Sellers who expect to get paid 1.0 BTC for their product could pick a range like 0.9 to 1.1 BTC, knowing they would get that, on average, over many transactions.

1400
Security / Re: Theory: Blind markets
« on: May 10, 2013, 12:08 am »
I don't know man... I don't think that works -- the buyer has to know what he's buying, and even if you use a one way hash, anybody could just come along and try hashing all the products until they found one that matched.  Then by using the key words, they could figure out what it was as well as the buyer who originally bought it.  Am I missing part of what you're describing?

No, that's correct. It would have to be the case that anyone could discover all the listings, if any random buyer is expected to be able to find any particular listing. The key is a third party wouldn't know which products the transactions are involving, nor who the buyers or sellers are. Without the long term identity key, someone analyzing the block chain wouldn't know that Buyer X was involved in transactions 11386, 16882, and 23319. Not even the escrow agent would know that.

1401
Security / Re: Theory: Blind markets
« on: May 10, 2013, 12:02 am »
Ok, I see this going two ways now.

1. Revealing the price of the transaction could be optional, so it would only have to be revealed in cases where escrow services are used, although I imagine a large majority of transactions would involve escrow.

2. Prices of all transactions would be public. In this case, the entire market could be an extension of the bitcoin protocol, where the info about products, shipping address, the key signing stuff I mentioned above, become encrypted metadata associated with bitcoin transactions.

You might say, doesn't revealing the price of each transaction violate the privacy I'm trying to create with such a market? Not really. The bitcoin network already operates this way. All transactions are public, but you don't know what they are for. You can find transactions involving hundreds of thousands of dollars, and they could be money laundering, funding terrorism, large drug buys, etc. The extended protocol simply includes that (encrypted) metadata in the transaction to create a market. Well, it's not that simple, there would have to be an elaborate key signing / management mechanism to allow third parties (escrow agents) to view transactions when it's necessary, and do all the buyer/seller stats stuff.

Still, in case 2, it could be relatively easy to implement.

1402
Security / Re: Theory: Blind markets
« on: May 09, 2013, 11:05 pm »
Ok, one thing I realized is that in order for escrow agents to get paid, the price of the transaction must be known to them. That's fine. The product could still be hidden. And there's no reason this market would have to be for drugs only, so there's always plausible deniability.

Then there's the issue of sellers deciding to trade based on buyer stats. I think this can be solved with multiple keys, like Tor relays use. Each buyer can keep a long term "identity" key and use "ephemeral" keys for each transaction. The ephemeral keys are cryptographically related to the identity key. If a seller requests to see a buyer's stats, he reveals the identity key, and the seller can interrogate the database to find other transactions signed by keys related to that key (this could be done automatically by the software). And since the price is public, they could compute # of transactions and total spent (same stats you get on SR today). Alternatively, buyers can maintain more privacy by refusing to reveal their identity keys and only buying from sellers who don't request it. At least it would be a choice.

Also, transactions that are handled by escrow agents and that result in a resolution could be marked in a special way, so sellers could get stats on that too.

Just thinking out loud here.

1403
Security / Re: Theory: Blind markets
« on: May 09, 2013, 10:45 pm »
And of course, if it's decentralized, there's no central point of failure, no central server to seize or DOS. It would be as hard to shut down as the bitcoin network.

The more I think about it, the more I like this idea. Tell me where I'm horribly wrong? :)

1404
Security / Re: Theory: Blind markets
« on: May 09, 2013, 10:43 pm »
I should add that this system doesn't compete with SR or put it out of business. There would be a need for escrow services. Would you trust Atlantis Escrow Service or Silk Road Escrow Service? People trust DPR and gang. They would get plenty of business as escrow agents for the decentralized market. The difference is that they wouldn't know about the contents of the 95% of transactions that complete successfully (although they would still get paid for overseeing them), so the buyer and seller are safer. Even DPR would be safer, since he wouldn't be a central target, storing all the info. He would only know about 5% of the transactions. The rest would exist anonymously in a database that anyone could inspect already.

1405
Security / Re: Theory: Blind markets
« on: May 09, 2013, 10:27 pm »
Yeah, I'm starting to think that the only way this could work is if you got rid of the market admins altogether and used a decentralized database like the block chain. The "network" maintains it. As long as there is at least one node, the market continues to exist. Sellers submit listings which are encrypted but provide key words. Buyers discover listings by searching for key words. Transactions are p2p, so only the buyer and seller know that a particular transaction involves them (although anyone who downloads the database knows that a transaction exists, just like bitcoin transactions today).

You lose escrow and resolution, but that could be provided by third party services for a fee. In fact, that's what the role of "market admin" in today's markets could evolve into. Before engaging in a transaction, buyer and seller could agree to use a third party escrow/resolution service. They inform the service, which initiates the transaction, but the service doesn't know the content of the transaction (the product and price) until a dispute happens and it is revealed to them. In order to complete the transaction, both parties must sign it, or something along those lines. So a dispute happens when at least one party refuses to sign. At that point, the transaction details are revealed to the escrow/resolution service, which decides on a result. Another way of putting it is, a third party initiates a special type of transaction, whose contents are not revealed to the third party as long as the first two parties (buyer and seller) sign it within some amount of time.

In this system, some transaction details would be revealed to outsiders, but all the transactions that conclude successfully remain private between buyer and seller. That's better than the current situation, where one entity knows about all transactions.

1406
Security / Re: Theory: Blind markets
« on: May 09, 2013, 08:36 pm »
Yes, of course, but the idea is that they couldn't link a particular listing to a particular transaction in their database (unless they made the purchase themselves). The prices would probably have to be rounded to specific numbers, like 0.1 BTC, so that many listings are at a specific price.

I don't know if it's possible, really. I'm just throwing it out there. :)

1407
Security / Theory: Blind markets
« on: May 09, 2013, 04:58 pm »
Edit: If this is your first time reading this thread, skip my stream of consciousness, and read this post first:

http://dkn255hz262ypmii.onion/index.php?topic=157711.msg1112047#msg1112047

=================

The principle design feature of Tor is distributed trust. It could also be described as division of information. No single entity can see the whole network, and no single entity can see your whole circuit. If the Tor Project ran every relay, you would not be anonymous. If the same person ran your entry and exit nodes, you would not be anonymous. Instead, a diverse group of volunteers from around the world add their relays to the network. Your entry node can see who you are (your IP address), but not what you are doing (the sites you are visiting). Your exit node can see what you are doing but not who are you. There are known attacks on this model, but your anonymity and safety are perserved if it holds.

Now consider a black market like SR. There are a few key pieces of information involved in every transaction. The buyer's identity, the seller's identity, the product, and the amount of currency exchanged. Under the current model, we trust the market admins with our currency and the product listings. The buyer can (and should) encrypt their address, so only the seller knows that. Nobody knows the seller's identity, although their city or rough geographical location become know to the buyer when the product is received. So, theoretically the market admins know the products and currency involved, but don't know the buyer and seller identities. The buyers and sellers know each other's identities (to some extent) and the product involved, but not the details of the currency exchange. The information is distributed to some extent, but I think it can be improved.

I'm interested in the concept of a blind market, where the market admins don't know what products are being sold. (This reduces their liability as well.) They only know that buyer1 sent 3 BTC to vendor2 for product <hash3>, or something along those lines. If the market were compromised, LE would only see a series of anonymous transactions for unknown products. The only ones they could deduce would be transactions that they were personally involved in as buyers or sellers.

I'm stuck on how this could be implemented. You can't just hash every product listing, because you wouldn't be able to reverse the hash to present it to buyers. And even if you could, you would be able to log in as a buyer to connect the hashes to the products.

So I'm wondering if there's any research on blind markets, or if anyone knows about this. Maybe the concepts behind blind mixes would be useful here. Any ideas?

1408
Security / Re: Will this compromise my address?
« on: May 09, 2013, 02:42 pm »
You could try to get fake documents, but yeah, if you give them real ones then obviously your address will be compromised.

Keep in mind, that if you don't pass their verification process, you will probably lose all access to your account and the money in it.

1409
Security / Re: TOR Security Question
« on: May 09, 2013, 02:38 pm »
It's technologically safe, ie TorBrowser isn't going to leak info to a clearnet browser on its own. However, the potential for human error increases. If you're accessing Google over Tor and type a search in but accidentally type it into the clearnet browser, you have leaked info. It could potentially deanonymize you.

As always, your behavior is half of your protection, and there's nothing TorBrowser can do for you if you behave in unsafe ways.

1410
Yeah, I mentioned that before. There's a noticeable lag of a couple seconds when decrypting with 16K keys. This one seems even longer, maybe because it's encrypted with two 16K keys. Now imagine something like Diaspora, where you would encrypt a status update to 50 friends with all of their public keys.

Pages: 1 ... 92 93 [94] 95 96 ... 208