123
-=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- (c) WidthPadding Industries 1987 0|631|0 -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=- -=+=-
Socoder -> Question of the Day -> Encryption

Thu, 05 Nov 2009, 04:17
Afr0
In Norway, the government is currently trying to decide if it's gonna allow a EU directive that says that all data traffic that passes through ISPs must be stored for several months including the IPs of who it was sent from and who it was sent to.

This makes me wonder if it's possible to encrypt the IP headers so that IPs can't be traced? Will this make it impossible to route the traffic properly?

If this directive gets passed, I'm seriously writing my own MSN server which will encrypt all traffic that goes to and from it.

Does anyone have any other good encryption techniques/ideas, preferably as it relates to network traffic?

-=-=-
Afr0 Games

Project Dollhouse on Github - Please fork!
Thu, 05 Nov 2009, 05:02
JL235
Afro This makes me wonder if it's possible to encrypt the IP headers so that IPs can't be traced? Will this make it impossible to route the traffic properly?
Yes I believe this is possible, but might require new protocols to be built and the destination would need to know what you are using.

First the header cannot be encrypted. In order to forward packets through the network ISP needs to be able to be able to understand the header, and the routers in the network even alter the data contained in it (namely the time to live and the checksum values). They also need to be able to understand it in order to know where to forward your request on to.

Theoreticall you could encrypt the source IP address in the header (i.e. your IP address) when you send it out. Your ISP would be able to forward messages on, but they wouldn't know where they are from. The destination could then decrypt your IP and send a reply back (perhaps with their source address encrypted so the ISP can't tell who is replying to whom).

What encryption would you use? One of the advantages with certificates is that they contain a public encryption key for the user. So you'd get the certificate for the destination and then encrypt your packet using the public key in there. You can only decrypt it with the private key which only the destination knows. The destination would do the same for replying.

So your ISP would know what messages you are receiving.

A few points, first there is nothing to stop you encrypting the data inside of the packet. To the ISP the data is just a series of bits or bytes. i.e. your ISP knows that I contacted you, but they don't know what I said because the message was encrypted. HTTPS is one example.

Second there is a protocol called Onion routing which is used for the Tor network. The idea is to allow users to be completely anonymous. However Tor is used extensively for software piracy, communications between terrorists and sharing pedophilia (that is not a joke or an exaggeration). So although I'm against ISPs being pressured into policing the internet, I'm also against the idea of total anonymity.
Thu, 05 Nov 2009, 13:55
Phoenix
Are you referring to IPRED2? That law has passed here in Sweden, and those who are really paranoid just drive all of their traffic through a VPN to, in essence, become immune.
Thu, 05 Nov 2009, 14:36
Afr0
Are you referring to IPRED2? That law has passed here in Sweden, and those who are really paranoid just drive all of their traffic through a VPN to, in essence, become immune.


I think that's the law I'm referring to yes. What's a VPN?

-=-=-
Afr0 Games

Project Dollhouse on Github - Please fork!
Thu, 05 Nov 2009, 14:50
Jayenkai
lol

Start - Help and Support - VPN .. You don't even have to google that one!

-=-=-
''Load, Next List!''