Project info for AnonCryptoProxy
Created 19 Jul 2000 at 04:15 UTC by apostle, last modified 19 Jul 2000 at 04:42 UTC by apostle.
Protecting your web surfing from Little Brother, Big Brother, and Dad.
A growing problem on the Internet today is not just Big Brother. We are constantly being watched by a multitude of "little brothers". These entities watch us, record our online activities, and can potentially "tattle" on us if they decide to do so. This project hides web traffic from little brothers (web site owners), Big Brother (government), and Dad (ISP or employer).
- Hide your identity from the sites you visit. Requests go through a proxy.
- Hide your request traffic from MIM. Requests are sent encrypted.
- Hide the requested web pages from MIM. Results are sent encrypted.
- Operate through a corporate firewall. Only standard URL and cookies being sent.
- Hide the fact that the cryptoproxy is even in operation. False traffic generated to fool traffic analysis.
- Easy to use. Uses standard proxy model. Could even be autoconfiguring.
- Widely deployable and scalable. This program is free information - set up your own server. Set up a hundred.
The project involves no modifications to the browser. It requires writing a complex proxy, but there are no technical mysteries about it.
A cryptoproxy request is generated as follows:
- User at some point configures the cryptoproxy server URL and public key.
- user enters URL, browser contacts local proxy
- local proxy generates session key S
- local proxy encrypts session key with server's public key: pub(S) man in the middle cannot discover S w/o factoring
- local proxy encrypts URL with S: S(URL)
- local proxy requests service from server proxy, sends pub(S) and S(URL) in a cookie ooh, sneaky. Looks like a normal page fetch with a cookie. :) The local proxy can generate bogus URLs such as: http://www.somesite.com/ca/python/manual/page5.html The server proxy ignores the URL and looks at the attached cookie.
- server proxy decrypts session key S
- server proxy decrypts URL
- server proxy fetches requested page P *note, this step could be AnonCryptoProxied also, maybe directed in a fling-like route ball, etc, etc, etc*
- server proxy encrypts page with session key: S(P)
- server proxy returns S(P) to local proxy
- local proxy decrypts S(P), sends P to browser
We are planning to do this as a completely anonymous development project -- good practice for the day when unlicensed program development is made illegal. We are hoping to host development stuff on a privacy-minded person or company's server. We would also like to make a WikiWikiWeb for the developers. But one rule -- you gotta use a nym and try to protect it well. Live it.
Why not just use a commercial anonymizer service?
- 1) they are a big brother magnet
- 2) their service, in catering to easy-to-use, lacks features
- 3) they will fork over records faced with supoena
- 4) trust yourself, nobody else
- 5) I could go on, but you either get it by now or you won't. :)
This is not to say people can't make money by running anonymizing servers. Set up an anonymous e-cash micropayment system. (Another project, another day...)
Watch Apostle diary entries to get involved.
Enjoy and Deploy,
License: Public Domain
This project has the following developers: