hack0r.net

While the Informatiktage 2007 I got in touch with the presenter of trusted computing lecture, which was based on his diploma thesis. He told me about some ideas, how trusted computing may be used to secure some privacy, for example in filesharing. Normally you would use trusted computing to certify that an application is doing exactly this or that, but why not using it the other way round and certifying that it doesn’t do something, for example associating an ip with a file or other kind of logging. Since I am not yet that much into trusted computing and didn’t get all the tiny bits how to guarentee such a behaviour, I will not try to explain it in greater detail now. Just plainly use trusted computing to certify that the counterparts software is not logging anything and maybe supports some techniques to obscure something.

Some security measures we have been thinking about, that will be needed additionally, to disguise the source are:

• Naturally encrypting the traffic, so there are no conclusions about the content transfered.
• Generating fake traffic to other clients, so it is not possible to know which clients really did send parts of the file. This only works if the faked traffic is at average as much as the the one generate for downloading the file at a per client basis. If only one or at just a few people are sharing a file, especially if it is big, this kind of disguise is pretty traffic hungry and not very applicable.

Nevertheless, I think this is a pretty innovative approach. And when I have found the time to get a bit more into trusted computing and peer to peer networking we will hopefully start this project.

If you got some ideas which may lead to some improvement of this project please contact me. Or if you know this won’t work cantact me too, but please also explain why ;).

Popularity: unranked [?]