m-o-o-t Security Notes

m-o-o-t is for everybody , including the cryptographically ignorant. One of the major design goals of is to make it almost impossible for anyone to do anything insecure with it.

If Plod seizes your computer, there's nothing on it .

If Plod intercepts you and demands keys to the interceptions, you can't give them deleted keys .

If they demand plaintext to interceptions - " I can't identify that interception / I've deleted the data in the data haven / It was a random message / it was a housekeeping message I don't understand / I don't know what it was" . Sending random data helps this and mostly defeats traffic analysis . It's been said that "you can't tell Plod that you're sending random data", but if your cryptosuite does it for you anyway...

If they demand access to your data haven accounts if necessary you can give a false key which will decode sensibly, but not to your secrets. If they somehow get the raw contents of your accounts you can do the same, or you can deny that there is anything in the random data. Ultimately you can take the hit rather than give away your secrets.

Of course, if they outlaw unaccessable-by-them crypto we'll have to write a stego version... as an undetectable program... but someone is doing that already.

security


main page . product . code . cryptography . security . FAQ

You can contact us here
You can join our mailing list m-o-o-t here. It's low volume and technical.

notes

is for everybody
the more the better, we want to make these laws look ridiculous. top

almost impossible
we would like to make it impossible but we can't top

do anything insecure with it
most cyphersystems that have been compromised were compromised through being incorrectly used top

Plod
a cryptographer's term for the Police etc. which implies that they have to go through procedures and are constrained in their actions by laws, not that they are stupid top

nothing on it
There's no access to the hard drive or any other local storage, so nothing can be left behind when m-o-o-t is switched off top

deleted keys
The D_H ephemeral keys used for communicating with the data havens top

can't identify
because it is mixed with lots of random data and you never learnt what was what. Perhaps you remember what you looked at but... top

deleted the data
so you can't ever be sure you've got it right top

random message
well it might be top

housekeeping message I don't understand
it might even be one of these top

don't know
Nobody knows for sure. top

defeats traffic analysis
this defeats volume analysis to some extent and encyphering email addresses and all headers except those of the havens and the user defeats destination analysis top

access to your data haven
not legal under most laws. top

false key
if we manage to implement the deniable cypher top

anything in
it's hidden stenographically in random data so you can deny it's there top

Ultimately
we don't actually expect this to happen, but we're paranoid about security so we put in a last-ditch measure. top

can take the hit
if it's more profitable to go to jail for not complying with a demand than to reveal your secrets. top


main page . product . code . cryptography . security . FAQ

You can contact us here
You can join our mailing list m-o-o-t here. It's low volume and technical.