Complete Anonymous Server

Is it possible to prevent a chat server from knowing who is talking to who?

such that there exists a function negl such that
Pr[A(x,y)=1] < 1/2+negl(x,y)

where Pr is probability and A outputs 1 if the server can correctly guess if x and y are communicating. negl is defined as asymptotically negligible (i.e. negl<1/p(x) where p is some polynomial).

I like the idea. There should be this kind of irc channel. Maybe we should modify some simple irc daemon to completely anonymous?

Is it possible to prevent a chat server from knowing who is talking to who?
Yeah, that's called Tor.

>>1
The server couldn't route chat input to other users if they didn't specify who they were talking to, so instead all chats would go to a central pile of messages that all users have access to. Upon connecting, the user submits a public key and user id to the server, which is made available to all other users. If user A wants to initiate a chat session with user B, user A creates the tuple, (start_token, user_A_id, message_data, user_A_signature), and encrypts it with user B's public key. User B gets the list of new messages, and attempts to decrypt all of them using B's private key. If any of them have a valid start_token at the beginning, the message content and user A's id are processed, an the signature is verified.

It could work if start_token was a content, but that might enable replay attacks. You could make start_token dependant on a timestamp. The cipher would need to resist known plain text attacks.

Oh, this doesn't work since the server can encrypt the start_token with each user's public key and see who is getting messages by tracking the headers of the encrypted messages. The server can tell who sent a message by keeping track of the user's ip addresses and noting which ip the message arrived on. Users would need to either all use the same proxy (which just gives the proxy this information, who can then conspire with the chat server) or an anonymity network.

tldr don't use a central server

You could have a trusted group of friends exchange a shared private key, and they could just encrypt all their messages using the symmetric cipher. Then you would have secure groups. This is better since the server wont have the key that encrypts the start_token. The server will know who is sending what quantity of messages, but wont be able to determine who is receiving them or what they contain. Unless you have a member of your your group that relays decrypted messages to someone.

You would need to do the key exchange in a way so that the server doesn't know who belongs to what group.

Dining cryptographers probably applies here.
It's a method of broadcasting messages between a group of k clients such that it's impossible to determine which of the k clients originated the message.
Although this system is decentralised, so maybe not.

Sounds like what you want to do is just connect over Tor or something.

>>6
tor is shit

>>7
You gunna give a reason?

>>8
idiot.

>>7,9
poopie brain wee bum face!

>>1
Pick your favourite:
https://en.wikipedia.org/wiki/Anonymous_P2P#Public_P2P_clients

>>2
https://en.wikipedia.org/wiki/I2P#Technical_design

>>4,5
Thank you!

>>8
https://trac.torproject.org/projects/tor/query
https://en.wikipedia.org/wiki/Tor_%28network%29#Weaknesses

PS
nice find: https://en.wikipedia.org/wiki/Syndie

>>11
thank you for restoring my faith in /prog/

say someone finds an exploit in tor, allowing a node to infect its neighbor nodes. Someone could infect the entire network.

>>11
Freenet is java shit, fuck off. If you're too stupid to design your code to be cross-compilable with little manual effort then you can't be trusted for security. And that's to say nothing of the steaming pile of shit that is the JVM. It wouldn't suprise me that Oracle leaves those gaping holes just so they can exploit them.

>>11
Timing attacks are possible amongst all consumer grade low latency anonymity networks.
The resources required to mitigate them while still keeping the low latency property are greater than most users can spare, since it quite literally requires you to send a constant stream of traffic even when you have nothing to say.

The other ones (bittorrent attack and email password interception) are also common amongst all protocols that are not fully peer to peer. It an application layer attack that is out of the scope of Tor, since it could have been avoided completely had the website's owners used HTTPS instead of plaintext HTTP.

The only attack on there that actually has relevance to Tor's thread model is the one by the engineering school. Tor wrote a blog post discrediting it, but I'm not familiar with the attack so I won't say anything more on it.

The only reason Tor has such a large "weaknesses" section is that Tor has the most researchers working on it. It says nothing of the actual security of the service except that it's well researched.
Please don't let your ignorance create fear like that

>>14
Just compile it to C you twat.

>>15
points taken. But with that said I think I would prefer latency over timing attacks.

>>14
OT but Java really failed its mandate. It's not meaningfully cross-platform. You can write code that will run on all systems and interface poorly with all of them, or you can write platform specific code (or use someone else's) and have it work fine if you don't mind the stut                    er.

Oracle put it to good use initially, as an install script for their steaming pile of relational feces. Nobody had Java installed at the time except as a browser plugin, so it was a big warning sign that read: YOU MUST BE THIS ENTERPRISE TO ENTER.

>>14
Still waiting on your ANSI C/Scheme/Haskell/Erlang/ATS/OCaml/Standard ML/Coq/Scala/ implementation.

>>15
I am not spreading FUD. Which is why I told OP to pick any he likes. I am just pointing out >>7's plight of all the known weaknesses and exploits of tor. I do concur that since it has more backing, these exploits are being taken a look at. However, OP is asking for an anonymous network, hopefully a mesh network, were nodes are not known or request, only keys are asked. But yeah, all of them have problems, even Freenet:
https://bugs.freenetproject.org/my_view_page.php
I mean, who uses CHAOSNET these days?

>>17
https://wiki.freenetproject.org/Installing/POSIX
Java 6 or later. If you want to use a free JVM, OpenJDK has also been reported to work fine with Freenet. Most GNU/Linux distros have this is their repositories; look for "openjdk-6-jre".

>>19
I'm just here to shit on java, not interested in using freenet/tor/whatever. All you've said is "it's a java app" which is nothing new.

>>20
Dick is that you?:
http://thedailywtf.com/Articles/Classic-WTF-Java-is-Slow!.aspx

>>20
The point he is making is that you can use any JVM, including OpenJDK, which does not have Oracle's DRM and exploitations. Here are a whole list of them:
https://en.wikipedia.org/wiki/JVM#C_to_bytecode_compilers
https://en.wikipedia.org/wiki/Comparison_of_Java_virtual_machines

Left out the most important link:
https://en.wikipedia.org/wiki/List_of_Java_virtual_machines

>>21
I didn't say Java was slow and sadly my name's not Dick.

>>22-23
I didn't bring up any problems switching JVMs will solve. Azul helps but isn't perfect.

>>23
They have a list of EVERY virtual machine!?!?
In the world?!?!
How horrifying!
I don't remember telling anybody about mine!

well, well, what's this here thread not doing on the front page!

>>26
Same thing it was doing on the front page. Festering.

>>1 check this:
https://bitmessage.org/wiki/Main_Page

also you may like this:
https://ritter.vg/blog-deanonymizing_amm.html

>>28
Written in     FIoC
Stable release     0.3.5

NOPE.mp4

>>27
It was more languishing than anything.

IT WAS MORE LANGUISHING THAN MY ANUS