February 2, 2012

Crypto tools for P2P friendnets

Some reading up on crypto, I came across some relevant but not widely known cryptography techniques that can benefit P2P friendnets:

It turns out what I was thinking about in terms of friend logins without revealing passwords is a widely researched area called zero-knowledge password proofs. In particular, one application of zero-knowledge password proofs is encrypted key exchange, the patent for which just expired at end of 2011.

Even more directly applicable, there is a 2009 paper by Michel Abdalla, Xavier Boyen, CĂ©line Chevalier, and David Pointcheval on how password-based public key infrastructure can be built using multiple nodes ("how your friends can help you remember your keys" - also see the slides).

One thing I haven't seen considered yet for P2P publishing is broadcast encryption. Originally developed with the goal of digital restrictions management for centralized distribution, broadcast encryption seems useful as a way to manage "unfriending" people in a P2P social network.

On the web browser crypto front, OpenPGP is currently soliciting help for a JavaScript port.