The Math Forum

Search All of the Math Forum:

Views expressed in these public forums are not endorsed by NCTM or The Math Forum.

Math Forum » Discussions » sci.math.* » sci.math.num-analysis

Topic: Any good practical means against universal surveillance?
Replies: 1   Last Post: Aug 5, 2013 6:23 PM

Advanced Search

Back to Topic List Back to Topic List Jump to Tree View Jump to Tree View   Messages: [ Previous | Next ]
Mok-Kong Shen

Posts: 601
Registered: 12/8/04
Any good practical means against universal surveillance?
Posted: Aug 5, 2013 2:26 PM
  Click to see the message monospaced in plain text Plain Text   Click to reply to this topic Reply

There have been recently in German media quite some debates on Internet
security for the common people and serious concerns were also expressed
by the German president. A German minister even recommended the
citizens to take care of the security of their communications
"themselves", without however telling them "how" -- similar IMHO to
recommending citizens to take care of not being robbed "themselves".
(It may incidentally be noted that in Germany, in distinction to USA,
a permission is required to buy guns and that permission is not easy
to get). Now are there any good ideas of how the common people could
defend themselves against Prism, Tempora, etc., noting that some mighty
Eastern countries may have comparable, though yet unrevealed, projects
running as well? Each individual idea may not be good enough, but
perhaps through appropriate combinations there could result in
something not too bad?

As a start I venture to sketch a humble idea of my own in the

If it could be managed to have sufficiently large volumes of encrypted
emails constantly on the Internet, the surveillance mechanisms would
very likely at least loose much of their efficiencies, if not be
entirely bogged down due to overloading. To achieve that, it would
thus principally depend on whether there are sufficient number of
common people who would voluntarily take the trouble to do encryptions
(or at least do some additional keystrokes, see (3) below) and so IMHO
this is the biggest problem to be faced by the present idea.

We assume that each email has a plaintext part and an attached file
with encrypted stuff. It may be noted that for such senders (let's call
them activists):

(1) They certainly may not have all the time materials that necessarily
need to be kept secrect, in which case for convenience the attachment
can be a dummy file, in particular an arbitrarily chosen one from a
number of dummies stored on stock. Whether the file contains genuine
stuff could e.g. be indicated by a chosen keyword in the plaintext part
of the email.

(2) Not all their friends would like to do any encryption work to
communicate with them, in which case these friends need only tolerate
the activists' sending them emails with dummies.

(3) Those activists who live on the maxim of having absolutely nothing
to hide could always send dummies as attachment.

Note also that the idea of having only one part of the whole message
that is encrypted could also be applied e.g. to the webpages, which may
contain a dynamically varying encrypted part for the partners to

Key management could be a big stumbling block for the idea in practice.
Since I have anyway a bias favouring symmetric encryptions (I mistrust
PKI whose software/hardware security I am unable to verify for poverty
of knowledge and other practical reasons -- the proprietary software or
hardware involved could contain backdoors implanted by the secret
agencies and the trustworthieness of the certificate agencies, i.e.
the human factors, are questionable, concrete symmetric algorithms are
in general easier to understand than concrete asymmetric algorithms
IMHO), I envisage that each pair of partners would somehow agree and
keep a master key for their communications, from which session keys
could be generated via encrypting certain data that partly involve
time, message number etc. At least for a certain part of the activists
who live in democratic countries secure transfer and keeping of these
master keys among them shouldn't be a too big problem IMHO.

Note that we capitalize on encryption, i.e. the difficulties (efforts
and resources required) of the agencies to find the (potentially, but
not certainly, vital for them) secret informations and do not (and
cannot) hinder their collection of the meta data. Hence the portion of
emails from the activists need not be significant in relation to the
total volume of emails on the Internet.

A tiny remark is that in countries where the law enforcement could
demand surrendering of the encryption keys, the dummies couldn't be
entirely arbitrarily random, since otherwise it would be impossible to
satisfy the demands of the authority.

A somewhat different, seemingly also viable, idea is the following:
The activists could send genuine (i.e. for communication) or dummy
(i.e. to enhance the load of cryptanalysis) messages to Usenet groups
like alt.anonymous.messages. I am ignorant whether that group has
currently more than a few congeners, if at all. Anyway, if there is
a "run" for such services, evidently many more of its genre would be
needed, which IMHO shouldn't nevertheless be an unsolvable problem.
BTW, some activists could run something analogous to certain Internet
forums with browser as interface for posting, excepting that there will
be encrypted stuffs posted, with membership available to the general
public or limited in some specific way. (Note that on some computers
access to Usenet groups may not have been installed, but access to
a forum needs only a browser which is always available. In less
democratic geographic locations one could send messages from a call
shop or internet cafe (utilising the facility available there to access
the Internet, thus not involving one's own IP address, nor email
address), taking due care of possible observations by agents there.)

My personal view of the current surveillance is fairly analogous to
one of, say, an intimidating disease of pandemic nature. In such cases
one knows that one doesn't have "really" effective means to solve the
problem, but one must/should nonetheless join efforts/thoughts to
reduce, as far as possible. the "impact" of the evils. As I indicated,
there appears unlikely to be a way to stop collection of meta data.
What seems to be viable is IMHO a reduction of the practical efficiency
of the huge computing resources of the agencies. And that I think is
quite possible in practice by presenting to their machines an
additional very huge load of cryptanalysis. In fact, imagine that there
were 100 Internet forums each with daily an average of 100 encrypted
posts, such that with a probability of 1/10000 a post may contain
a message of the importance and urgency comparable to, say, "Snowden is
escaping with a jet of a certain Latin-American president", I am pretty
sure that the cooling system of their computers would very soon need
some unscheduled maintenance work :)

M. K. Shen


P.S. In another group someone pointed out that the base of my idea is
not new at all. He quoted Philip Zimmermann:

"What if everyone believed that law-abiding citizens should use
postcards for their mail? If a nonconformist tried to assert his privacy
by using an envelope for his mail, it would draw suspicion. Perhaps the
authorities would open his mail to see what he's hiding. Fortunately,
we don't live in that kind of world, because everyone protects most of
their mail with envelopes. So no one draws suspicion by asserting their
privacy with an envelope. There's safety in numbers. Analogously, it
would be nice if everyone routinely used encryption for all their
email, innocent or not, so that no one drew suspicion by asserting their
email privacy with encryption. Think of it as a form of solidarity."

Point your RSS reader here for a feed of the latest messages in this topic.

[Privacy Policy] [Terms of Use]

© The Math Forum at NCTM 1994-2017. All Rights Reserved.