STrRedWolf (strredwolf) wrote 2017-06-25 07:44 am
Entry tags:
Secure group chatting coffee-thoughts
Reading the happenings of having a (MTA Maryland) MARC train set being leased to (NYC MTA) Long Island Railroad (aka LIRR) to help with summer crunches... got me thinking about exclusive local communications through cell phones, and eventually onto secure group communications. I'll try to put it in layman's terms for those non-geeks, using some old standard-ish terminology.
Alice and Bob want to send letters back and forth, but know Craig (that NSA narc) is snooping around. What do they do?
Well, they encrypt their messages. To make it hard for Craig to snoop, they use what is called Public Key Encryption. Alice makes two keys, one she keeps herself (private) and one she gives to Bob (public). Bob does the same, giving a key to Alice. When Alice encrypts a message, she uses her private key and Bob's public key. When Bob gets it, he uses his private key and her public key. The algorithm used allows this scheme to work.
Of course, I'm simplifying the issue, especially in cases where Craig may have dressed up like Bob and got in the middle of things. But that's the essence of secure encryption. SSL/TLS connections (used in that HTTPS connection you go to Amazon or your bank with) use PKE with a few administrative levels to make sure Craig isn't going to steal out of Bob's bank.
But what if Alice has more friends with a similar interest? What if they want a group chat with Elen, Frank, George, and Helen about their dearly departed friend Zoe?
They could swap public keys, and have everyone push out every message... but that wastes time and bandwidth.
They could go through one person, like Xavier.... or is that Craig in disguise again?
Or... Alice could make another pair of keys for the group, and send both to everyone (but Craig, because he's a dick) via the existing secure messaging. Everyone would send using their personal private key but the group chat public key, and decrypt using the sender's public key and the group chat's private key. All they would need is someone to relay the chat to save bandwidth... and Xavier volunteered for that (the geek -- he doesn't even save connection logs). Craig would have nothing because he wouldn't even see the group chat key being sent.
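The group-key scheme above, as an added sketch that is not the author's code. It assumes toy Diffie-Hellman parameters and a hash-based cipher built from Python's standard library purely for illustration (the post names no algorithm); `keypair`, `shared_key`, `seal`, `open_` and `demo` are hypothetical names, and a real chat would use a vetted library primitive instead.

```python
import hashlib, hmac, secrets

# Toy parameters (assumption: the post names no algorithm). Illustration only.
P = 2**255 - 19   # a known prime; far too small a group for real use
G = 2

def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def shared_key(my_priv, their_pub):
    # Same value whichever side computes it: G^(a*b) mod P
    secret = pow(their_pub, my_priv, P)
    return hashlib.sha256(secret.to_bytes(32, "big")).digest()

def _subkeys(key):
    # Separate keys for encryption and for the integrity tag
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()

def _xor_stream(key, nonce, data):
    stream, ctr = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + nonce + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key, plaintext):
    enc, mac = _subkeys(key)
    nonce = secrets.token_bytes(16)
    ct = _xor_stream(enc, nonce, plaintext)
    return nonce + ct + hmac.new(mac, nonce + ct, hashlib.sha256).digest()

def open_(key, blob):
    enc, mac = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(mac, nonce + ct, hashlib.sha256).digest()):
        return None   # wrong key or altered message
    return _xor_stream(enc, nonce, ct)

def demo():
    alice_priv, alice_pub = keypair()
    group_priv, group_pub = keypair()   # made by Alice, both halves sent to members
    xavier_priv, _ = keypair()          # the relay never receives group_priv
    # Send: personal private key + group public key
    blob = seal(shared_key(alice_priv, group_pub), b"Remembering Zoe")
    # Receive: sender's public key + group private key
    member_view = open_(shared_key(group_priv, alice_pub), blob)
    relay_view = open_(shared_key(xavier_priv, alice_pub), blob)
    # Caveat: every member holds group_priv, so this key proves group
    # membership, not which member wrote the message.
    other_member = seal(shared_key(group_priv, alice_pub), b"not from Alice")
    accepted = open_(shared_key(group_priv, alice_pub), other_member)
    return member_view, relay_view, accepted
```

Per-sender attribution inside the group would need something extra, such as each member signing their messages with a personal signing key.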