Alice and Bob with to exchange totally secure messages which cannot be decode by any third party.
They create a web service that broadcasts (using EventSource) non-deterministic random number generator (NDRNG) blocks - pulled from a hardware NDRNG - (1,024, 2,048, etc.) of 8-bit integers or perhaps choose from a commercial service.
(Initially they may require some external verification that the service they are using is in fact the same, i.e., not hacked in some way. This could be accomplished, for example, with a public key signing of the blocks.)
Each NDRNG block has a sequence number and is transmitted on a short, prescribed, time-based standard, predictable interval.
Alice and Bob each poses a computer capable of subscribing to this EventStream to capture blocks. The computer will also have the ability to capturing both arbitrary web data as well.
While Alice and Bob could agree to use the NDRNG EventStream blocks directly at specific times as a one-time cryptographic pad obviously anyone else who happened to capture the same block(s) would be able to trivially decode their messages.
To avoid this problem Alice and Bob agree to exchange a specific type of program as a ‘key’. The program has specific, unique properties:
1) It is “synchronous” with respect to both Alice and Bob in time such that information on its state of computations (data, program counter, program memory, blocks, altered blocks, etc.) is the same for both Alice and Bob over time, i.e., both their computer compute identical values and have identical state at identical times.
2) It consumes and retains some set of block data from the EventStream.
3) It performs operations on blocks in a “closed” manner: operations must not introduce data derived from non-block sources. For example, treating two sections of two blocks as 32-bit integers and replacing one section with the sum of the two integers is valid because only block data is used. The addition could generate a carry which, again for example, could be used to shift another block. This is valid as the carry is the result of a block-only operation. But adding an epoch time to a block, for example, in this way would be invalid.
4) The order and selection of operations within the program may be controlled by block data or be coordinated using some data synchronously gathered by both Alice and Bob. For example, the selection of which 32-bit integers to use within which block and the ordering of these additions could be controlled by bits fetched from some portion of a Bitcoin ledger selected by the program (obviously the program would fetch arbitrarily many external data sources so tracking web operations would not easily reveal what data was actually used). Further, block data can be used to alter, modify or add to the program over time as well as exclude blocks or other previously computed data from future computations.
5) At various synchronous points of operation the program extracts an arbitrary set of data form its state to create a “one-time pad.” Pad creation may, for example, be performed by an algorithm that ensures a uniform distribution of one’s and zeros in the pad. Bob and Alice exchange messages using these one time pads: message exchanges are synchronized in time to the operation of the program.
The idea here is that the internal state of the programs memory is a set of altered blocks of NDRNG data.
It would be impossible to monitor all data received by Bob or Alice and attempt all possible permutations of all possible operations on that data in order to guess the program state.
Pads are continuously generated over time and the only connection between Alice and Bob is the state of this computation.
Notes: https://www.design-reuse.com/articles/27050/true-randomness-in-cryptography.html
No comments:
Post a Comment