A very important note about OpenPGP security - only YOU can help keep the darknet secure

EDIT: BOTTOM LINE: The cops might be reading your GPG-encrypted messages. Let's make that impossible.

EDIT 2: This should especially be a concern if folks suspect that a market may be an LE honeypot.

TL;DR: Everybody learn about the importance of the OpenPGP Web of Trust, and start uploading Trust Signatures to keyservers at every opportunity, but only when you have actually verified a key securely, i.e., not over the internet. Vendors, if you don't already, please start including a written or typed (Be careful) copy of your GPG key's complete Fingerprint inside all of your packages. Buyers, consider some of the interesting proposals on this page: https://security.stackexchange.com/questions/58981/establishing-a-reputable-pseudonym-with-pgp-key


Warning: serious hardcore cypherpunk shit ahead, put on your tinfoil hats and mirrorshades before proceding. ok no but for real, this is stuff we should take seriously and need some better solutions about, let's all brainstorm them... I also gloss over some functions and steps of what I'm describing (like certain GPG or Bitcoin functions), to keep this from becoming huge, but don't hesitate to ask for details or how-to on any of this. Anyway....


Lately I've been helping some people out with their various GPG problems, something I feel very good about. But I'm slowly realizing one very, very important thing that folks don't seem to understand:

Most people are not taking the necessary steps to prevent the very easiest way that OpenPGP communications are compromised.

The issue is Man in the Middle attacks, and they have always been a very serious concern for OpenPGP developers and users. If LE can position themselves in the middle of your internet traffic, or upload a fake key to a keyserver, they can substitute a key that you're importing (either on the wire or on the keyserver) with one that they control that appears to be legitimate. Then, if you try to communicate securely with that person, LE intercepts the traffic, decrypts and reads it, then re-encrypts it to the proper key and sends it on its merry way, without you or the other party having any idea. Fortunately, there is a solution to this threat that was developed in the early 90's with the first versions of PGP: Key Trust, and the Web of Trust that protects and extends it.

The fact that darknet traffic is encrypted end-to-end is a big, big help in this case, and is probably why we haven't seen any busts (that I know of) exploiting this attack, at least regarding on-the-wire traffic tainting. If the medium you're communicating a public key over is encrypted end to end, obviously a Man in the Middle will have a very hard time altering any of its traffic. However, if the attack takes the form of a fake key uploaded to a keyserver, or a hack of the keyserver itself, there is no protection other than the Web of Trust.

Despite the end-to-end encryption, an on-the-wire attack is still a significant threat if there is an implementation problem in the darknet's crypto (not super likely), or if either end of the connection (you, the keyserver, the market site, whatever) is compromised in some way, which is much, much more likely - especially since so many of you love to use enable Javascript over Tor in order to post here - something I would never do, or at the very least do only if I was running Tails or Whonix off of a read-only disc... but I digress.

Furthermore, proper Key Trust is another good way to to improve everyone's security, and is a vital component of "Defense in Depth," where you maintain some (or all) security even when one aspect of it is compromised. With better habits and knowledge about key trust, a proper Web of Trust for the darknet markets could begin to emerge, and that will be immensely useful now and into the future. The more people that participate, the stronger it becomes for all of us.

One terrible option to do this would be for folks to post their key fingerprints here on reddit, where any LE could just compel reddit to alter the key data on their servers, or intercept it on-the-wire as it's browsed.

One great option that's available to us to build a Web of Trust is for vendors to start transmitting the Fingerprints of their GPG keys in ways that can't be easily intercepted or altered - like on paper in a merchandise package. But be careful - this printer ID problem is actually pretty difficult to work around... you could grab a used printer off of Craigslist or from a thrift store (with cash, of course), or you could hand-write the fingerprint with a generic pen in simple block letters while wearing rubber gloves (probably what I would do), or some other solution. Anyway, of course, we all know that physical things in the mail can be intercepted, too, and so this should not be considered completely secure, at least compared to the results of a proper Keysigning Party. But it's a big step up from nothing, and those that receive a fingerprint on paper in the mail can probably use a level 2 (medium) key trust signature (sig2) to sign that key, which can then be uploaded to keyservers to help build the Web of Trust (please be sure to do this, buyers!).

Another option that's available, that works for both vendors and buyers, is using the Bitcoin protocol to help cross-authenticate keys. Some ideas about how this might be done is here: https://security.stackexchange.com/questions/58981/establishing-a-reputable-pseudonym-with-pgp-key . One way to establish some decent authentication of a buyer or vendor's GPG key might go like this, which uses two separate means (Bitcoin blockchain timestamping and Bitcoin private key signing):

I. Blockchain timestamping (as described at https://bitcointalk.org/index.php?topic=52715.0 or using some stupid proprietary service at https://www.strongcoin.com/blog/using_the_blockchain_as_a_trusted_timestamping_service ):

A. The person creates a 256-bit hash (like SHA256) of their GPG key's fingerprint,

B. They import that hash as a new Bitcoin address private key,

C. They record the public Bitcoin address that corresponds to that key,

D. They send 0BTC (or 0.0000001 BTC, etc.) plus appropriate transaction fee to the Bitcoin address that corresponds to their GPG key fingerprint-based private key FROM an address that they are can be publically associated with, and include in the OP_RETURN field a message like "this is to my GPG key fingerprint's SHA256 hash"), and wait for a few confirmations. Preferably, they use Coin Control to not use a change address, so that the change is returned to the same address that spent it, to improve ease of lookup by others after the next step,

E. The next time that this person makes or receives a payment, they can use the same address that sent the timestamp transaction above. If they're the buyer in this case, they can use Coin Control to spend from the same address that sent Bitcoin to their GPG fingerprint address, thereby demonstrating that the bitcoin and the GPG key are controlled by the same person, and if they're the vendor, they can just have the buyer send to that address (insert obvious warning about Bitcoin address re-use, although it this case it's not particularly harmful),

II. Bitcoin private key signing, which is a bit simpler, but not as secure. Best combined with the above.

A. The person exports their GPG key's fingerprint, or even their full public key,

B. They use their Bitcoin client to sign a message saying "This is my GPG key" plus the fingerprint or exported public key, from a Bitcoin address that they have used on the Dark Net markets (preferably the one that was used in the method above),

C. For good measure, they should probably then GPG-sign this Bitcoin-signed message. It might actually make more sense to Bitcoin-sign the GPG-signed message... let's think about that...

D. They then publish this signed message widely, even in insecure places like this subreddit or even better, on some marketplaces and/or on /r/publickeyexchange .

Hopefully, in time (probably not that long!), a decent darknet Web of Trust can emerge, which will be incredibly useful into the future. It could actually end up pretty strong (much moreso than most parts of the WOT), since vendors communicate with a large number of people, and every one of those exchanges is an opportunity to create and upload more Trust Signatures.

What would be really great would be some simple software tools that could automate (or at least simplify) some of this stuff, like the Bitcoin cross-signing, etc. But at the moment, it's all at least feasible, just a little obnoxious.

Anyway, I think this stuff is important, and also I think that cryptography is awesome. Proper key trust really is essential for secure use of GPG - and many other crypto tools - and wayyyyy too many people completely gloss over it, mostly because they don't know about it, don't understand it, or don't comprehend its importance. Let's change that, and in doing so, let's change the world, together.

signed source of the above message available at: http://pastebin.com/Ugf4pSYj


Comments


[2 Points] ysplzthnks:

As a drunk person that will try to come back to this later, I'm going to let you know now that there are probably 20-30 people on this subreddit that understand the details/necessity of what you are talking about and hundreds that don't. It's an unfortunate reality, you need to connect with the people that actually make shit change, try /u/deepdotweb , he's a head honcho on stuff like this, I would follow his word.

Hmm, wrong person, who am I trying to connect...?


[1 Points] gerundive:

a decent darknet Web of Trust can emerge

Oxymoron?


[1 Points] anonish9:

Maybe Morse code for contacting vendors


[1 Points] bobafett89:

Well, to be fair, you DID tell bobafett89 to put our tinfoil hat on... but with Tor, PGP, Tumbling, Eyes Wide Shut Themed Sex Meetups, Blockchain, Tails, LocalBitcoin, etc etc etc, ugh! There's so much for bobafett89 to do already! Can't someone just make an app for us, so that we can order expired Netflix memberships without the fear of LE? Bobafett89 will now pray on this to ensure that it happens. Tally ho!