PGP based social network

2,591 views
2,410 views

Published on

Some random thoughts on creating and growing a social network on PGP

Published in: Technology
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
2,591
On SlideShare
0
From Embeds
0
Number of Embeds
54
Actions
Shares
0
Downloads
6
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

PGP based social network

  1. 1. PGP based social network Fev. 2011/Rev. 1 José Moreira @zemanel PGP: DE748EE6 (work in progress/random thoughts)
  2. 2. PGP based social networkhttp://en.wikipedia.org/wiki/Pretty_Good_Privacy combination of hashing, data compression, symmetric-key cryptography, and, finally, public-key cryptography data encryption and decryption computer program that provides cryptographic privacy and authentication for data communication often used for signing, encrypting and decrypting texts, e-mails, files PGP software usually constructs the user ID from the Real Name, Comment and E-mail Address, ex.: "Heinrich Heine (Der Dichter) <heinrichh@duesseldorf.de>"
  3. 3. PGP based social networkhttp://en.wikipedia.org/wiki/Web_of_trust PGP products have included an internal certificate vetting scheme a trust model to establish the authenticity of the binding between a public key and its owner PGP public keys can be digitally signed by other PGP keys, if they are confident the key actually belongs to the person who claims it. Generally happens at key signing parties
  4. 4. PGP based social networkhttp://en.wikipedia.org/wiki/Friend-to-friend [Network] A friend-to-friend (or F2F) computer network is a type of peer-to-peer network in which users only make direct connections with people they know
  5. 5. PGP based social network PGP + Web Of Trust + Friend2Friend Network = PGP-based Social Network Call it "PGPBook" for now
  6. 6. PGP based social networkHow it could workAccount creation: Regular user registration User sets PGP key ID in the registration form E-mail verification, containing verification link, is encrypted with the users public key and sent to the e-mail associated with the public key (in the user ID)
  7. 7. PGP based social networkFriends network/social graph PGP User (not pgpbook user) A locally signs (trust model) PGP users B key and exports to public key-server(s) pgpbook polls public key server(s) periodically (and/or on-demand) and synchronizes/imports user B into user As social graphExpanding
  8. 8. PGP based social networkWhy (its not really a bad idea) http://www.dailykos.com/story/2011/02/16/945768/-UPDATED:-The-HB- Gary-Email-That-Should-Concern-Us-All ("sockpuppets") http://www.google.pt/search?sourceid=chrome&ie=UTF- 8&q=facebook+privacy+issues
  9. 9. PGP based social networkRelated ideas client-side browser encryption/decryption seems possible (although it raises security issues): http://www.google.pt/search?sourceid=chrome&ie=UTF- 8&q=javascript+pgp perhaps its something that could be implemented within existing socials apps instead of a full fledged social network
  10. 10. PGP based social networkDownsides trust model dependent on private key security PGP use is not massified
  11. 11. PGP based social networkSuggestions and feedbackzemanel@zemanel.euirc://zemanel@irc.freenode.net@zemanel

×