Target: reduce man-in-the-middle attacks by forcing iiaom mutual identification.
Scenario: on Firefox Hello, before A and B enter the room they exchange their iiaom hashes, which get a positive or negative rating in the mutual identification; only after that does the session begin.
| Step | A to B | B to A |
|---|---|---|
| 4 | ASymEnc(img(A)) by PubKey(B) | ASymEnc(img(B)) by PubKey(A) |
| 5 | adjust the reputation of B considering iiaom(A)==hash(SymEnc(img(B)),img(B)) | adjust the reputation of A considering iiaom(A)==hash(SymEnc(img(A)),img(A)) |
This can be added in a WebRTC data channel, and even before its session, for challenging in the session the reputation of the visitor to the room. It is for equal and free individuals in groups, specifically for Liquid unions, Rcoins and ComComized units, all implementable by the p2proles protocol.
- 7/7: The first iiaom code is produced and available on GitHub. The next meeting is next week, at 19:00 on 14/7, at cbase.
- iiaom-IMG(member) being an image file having the member's unique element, like the face;
- iiaom-SYM(member) being IMG symmetrically encrypted by the member and stored by the authenticating body (#R);
- iiaom-HASH(member) being hash(hash(iiaom-IMG(member))iiaom-SYM(member)), which is publicly available; and
- iiaom-ASYM(member) being IMG asymmetrically encrypted with the public key of (#R), which is sent in the authenticating event to (#R) by the member.
The 6 steps for successful authentication:
- 1. the member (#S) points to the link of the public hash (iiaom-HASH)
- 2. the authority (#R) provides the encrypted file to the member, either in person or by communication through public keys
- 3. the member decodes the encrypted file and gives it, encrypted, to the authority (iiaom-ASYM)
- 4. the authority checks that the hash matches the encrypted and plain pictures
- 5. the authority identifies the member as the one in the picture.
- 6. the authority deletes the image after each authentication and before signing in both
- the log transaction and
- the credibility of the member.
For democratic applications,
- pulses of simultaneous peer-to-peer iiaom authentication shall be made until all members are authenticated, to avoid multiple identities per human, such that
- the authentication in each pulse is performed in different locations per group of such peers, and each peer is both the #R and the #S for all the other peers in the group,
- members are authenticated in only one pulse, except for the additional pulses, which are
- in each pulse, a random pick of some percentage of the previous and of the current creates another simultaneous pulse
- and if and when it is required, one pulse for all members is performed.
Each member (#S) produces the OuterMask in 4 steps:
- 1. take a picture of her/himself (iiaom-IMG)
- 2. symmetrically encrypt (e.g. by 7z) the picture (iiaom-SYM)
- 3. hash the picture, the encrypted picture, and then both hashes (iiaom-HASH)
- 4. make the last hash publicly available
Each group has a membership folder having
- -> a log folder of files having the nickname, being (blindly) signed by the group's authority (#R).
- -> nickname ->
- enc pic
- files of the pic being (blindly) signed by the group authority (the number of which equals the Credibility factor, as in WOT)
- -> a folder of more enc pic (so that the pictures could be changed)
The Inner Identifier and Outer Mask (IIaOM) protocol is for producing reputation and transaction records based on a public hashed picture, a private map and picture of the sender, transactions, and the objects being transferred.
For authentication, the IIaOM, or the Inner Identifier and Outer Mask:
- Getting localized to scale to onion the problem of equality and accountability being invalidated by anonymity, so as to cause the attacker to need to interact with each victim in addition to accessing data. It allows you to interact more with the nearer, to reduce the manipulations over you from afar, by being identified more by IIAOM, exchanging for Rcoins, and having your equal share of assets in ComComized units, with the nearer!
Who are the Players:
- #S=> sender (buyer) any user using @my
- #R=> recipient (seller/owner) any user using @my
- #O=> Operator special or any user/s using @op
- #A=> attacker/s
The IIAOM (Inner Identifier Outer Mask) can be used to record transactions, so that each Rcoin or comcom's share has the hash(id(transaction)) of its owner, being #R, or a measure of the authenticity of #S being identified by all such #R.
- H(picture(#S)) is a hash, published by #S, which is produced by a secret random map(#S) of rectangles upon the picture(#S): the map defines each rectangle, which is separately hashed before being added to the list (of all hashed rectangles), and that list is finally hashed to H(picture(#S)),
- stamped(#S&#R), distributed to the @Op(peers) by #S, is H(picture(#S)) encrypted by #S with the digital signature of #R, made only after #R recognizes #S in the picture(#S) and re-makes the exact H(picture(#S)) by having the map with the picture, which are delivered privately from #S, and
- II(#S) (II as in Inner Identity) is a unique (12 digits) number used (like a key fingerprint) for representing one person only once in a community, where II(#S) indicates a log-appending-rec (log) record having all stamped(#S) attached, with N(#S) being the number of different signing #R, and
- IIAOM(#S) = Hashed(log-rec(II(#S))), used with H(picture(#S)), is used as a stamp on the transaction for which the recognition was made.
- Hence, if indeed all #R recognized #S in the picture, then the higher N(#S) and the bigger record(II(#S)), the more authenticated is the identity(#S).
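The rectangle-map hash H(picture(#S)) and the re-make-and-compare check that #R performs, as an added example (not code from the iiaom project). SHA-256, the raw row-major 8-bit pixel buffer and the names `picture_hash`, `recipient_check` and `flip` are assumptions; the picture and map are constructed sample data.

```python
import hashlib
import hmac

def rect_bytes(pixels, width, rect):
    """Raw bytes of one rectangle (x, y, w, h) of a row-major 8-bit picture."""
    x, y, w, h = rect
    height = len(pixels) // width
    if w <= 0 or h <= 0 or x < 0 or y < 0 or x + w > width or y + h > height:
        raise ValueError(f"rectangle {rect} is outside the picture")
    rows = (pixels[(y + r) * width + x:(y + r) * width + x + w] for r in range(h))
    return b"".join(rows)

def picture_hash(pixels, width, rect_map):
    """H(picture): hash each mapped rectangle, then hash the list of hashes."""
    if not rect_map:
        raise ValueError("the map has no rectangles")
    outer = hashlib.sha256()  # SHA-256 is an assumption; the page names no hash
    for rect in rect_map:     # the order of the map matters
        outer.update(hashlib.sha256(rect_bytes(pixels, width, rect)).digest())
    return outer.hexdigest()

def recipient_check(published_hex, pixels, width, rect_map):
    """#R re-makes H(picture(#S)) from the privately delivered picture and map."""
    try:
        remade = picture_hash(pixels, width, rect_map)
    except ValueError:
        return False
    return hmac.compare_digest(remade, published_hex)

# Constructed sample data: an 8x8 grayscale "picture" and a secret 3-rectangle map.
WIDTH = 8
PICTURE = bytes(range(64))
SECRET_MAP = [(0, 0, 4, 4), (4, 2, 3, 5), (1, 5, 6, 2)]
PUBLISHED = picture_hash(PICTURE, WIDTH, SECRET_MAP)  # what #S publishes

def flip(pixels, index):
    """Return a copy of the picture with one pixel changed."""
    out = bytearray(pixels)
    out[index] ^= 0xFF
    return bytes(out)

if __name__ == "__main__":
    print("genuine picture and map:", recipient_check(PUBLISHED, PICTURE, WIDTH, SECRET_MAP))
    print("pixel inside a rectangle changed:", recipient_check(PUBLISHED, flip(PICTURE, 0), WIDTH, SECRET_MAP))
    print("pixel outside every rectangle changed:", recipient_check(PUBLISHED, flip(PICTURE, 7), WIDTH, SECRET_MAP))
```

Pixels that lie outside every rectangle of the map are not committed to by H(picture(#S)): the third check still passes, so the map has to cover the region #R relies on for recognition.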
Vulnerability against (governmental) use of face recognition:
- depends on the changes of picture(#S)
- 0. H(picture(#S)) is public, used like a pubkey, and could also be a QR code
- 1. log-rec(II(#S)), appended and distributed by #R to @op, has signed_by_#R(encrypted_for_#S(H(picture(#S))))
- 2. map(#S) is secret, privately sent on wish to #R
- 3. picture(#S) is secret++, can be changed, and is only privately sent on wish to #R,
- 4. seeing(#S) is secret+++, cannot be changed, and is used in person or in parallel private communication,
After #R already has the publicly available H(picture(#S)), #R connects to #S to pay, by sending Rcoins, to #R, such that #S sends the picture and map encrypted for #R; then #R hashes the picture by the map, and only when it matches H(picture(#S)), and after then recognizing #S, in person or in on-line interaction, as the one shown in the picture(#S), #R signs the transaction as signed_by_#R(encrypted_for_#S(H(picture(#S)))) and sends it to peers@Op, where the transaction identifies the movement of all the coins from being identified with #S to being identified with #R….
#A uses face recognition and tries to identify the governmental identity, such as the identity card, driving license or passport, of #S, by having log-rec(II(#S)) and one of H(picture(#S)) with the map(#S), but not seeing or having the picture(#S).
- #A tries to unhash by the map to get the picture; without the map this task is harder.
Threat model: the who, want, measures, countermeasures.
In general, when #S pays #R, witnessed by the peers, the process is of specifically identifying #S as the owner of the Rcoins and then #R as the one being identified with them.
When people agree to be equal, the problem in using government tools to prevent multiple human identities is that, in our world, governmental authorities break or can break the constitution of their states, while transferring, or giving a way to, private data to well-hidden private authorities.
Last-minute note:
vulnerability: The encrypted picture is of a private and unique element, such as an organ, like the face, or an accessory, like a secret number.
use case: voting, transactions, trust-request, pulses of simultaneous iiaom p2p authentication in remote groups:
- in voting by iiaom, all iiaom are accumulated, then all used iiaom are compared with iiaom->hash(id) in validating, for approving or disapproving the voting privilege of that member, where validating returns 2 numbers: Ill = zero or the number of iiaom unknown in validating, and the ratio of the number of iiaoms vs the count in validating; a nonzero Ill indicates the voting as ill, and can be checked per each vote and/or after all the voting.
- validating: iiaom > hash(id) < validating uniqueness, such as in votings
- registration: hashid > id,iiaom < registration by trustee
trust: The iiaom of the same user earning the trust is signed by and with the iiaom of the one authenticating that user. (should the signing be blind and storage on freenet?)
- 1. produce(image) returns (hash,sym), and asks to delete the original image
- 2. pass(sym) returns (asym),
- 3. auten(asym,sym,hash,communication) returns (signatures) after human authentication in communication matching all, and then deleting the image and signing in the log and credibility.
- A human, non-machine authentication and a NOGOYO, which is still aligned with KYC (Know Your Customer) of the USA repulsive Patriot Act of 2001 (of the Project for a New American Century - PNAC - being before the event so obsessive about "catastrophic catalyzing event – like a new Pearl Harbor"), claiming to fight money laundering and being the only case for the stupid money investment trending, such as the one financing the Yo application and the traps for locating users by facebook, google etc.
- By a remote trustee signing the match of a specific document of a user with her/his iiaom, the iiaom is made trusted as that document, and transferable without revealing the document information.
- The mutual revealing in using iiaom makes it expensive for the few to control the many.
- Once the encrypted pictures from the iiaom are matched with the human unique private element, the iiaom is valid, except in MITM, e.g. in all further communications and transactions, where the MITM can be overcome by parallel communication matching the iiaom again.
- one must communicate and be seen to see/have the image.
- no trace in the machine if the original image is deleted (so the app should enforce that).
- familiar practice like in gpg (reputation is developed, a public element like a pub key is given, and there is a meet-up like a crypto party), but without a link to others out of the community, like the government or identity theft.
- keeping anonymity by having 2 iiaom-HASH(member): the 1st to be authenticated by and the 2nd to be blindly signed by, as the member can have more than one iiaom-HASH(member) and is identified uniquely by a static one of the iiaom-HASH(member) and/or a unique username for issues of equality and accountability, whereas any of the other iiaom-HASH(member) are used in transactions made by the member.