This section introduces the technologies that are used to improve privacy and security of the information. It also aims to provide a social and historical
context to the discussion.
cryptography, symmetric cryptography, private key cryptography, morality, Tor, I2P, HTTPS
-
What are cryptographic primitives, which ones are used in bitcoin and for what purpose?
-
What are the aims of information security?
-
What are the aims of privacy enhancing technologies?
-
Consider spearfishing attacks, how are they different from fishing attacks, how do they feed from information leaks?
-
In "what happened to the crypto dream?" author concludes that the cypherpunk dream is not materialized, make the case for and against the authors position.
-
what are some challenges of communicating the importance of privacy to public?
-
Is "anti-mass surveillance" a better framing then "privacy"? What are some other ways of communicating this message?
-
Why, in bitcoin community, is there a negative sentiment towards relying on cloud services for running a node?
-
"Trust" is a word often appears in Bitcoin Whitepaper. How does trust on third parties, individual taking responsibility and privacy are related?
-
Are P2P networks such as Tor of I2P viable networks for daily internet usage? What use cases and treat models would justify their high latency?
-
VPN services are generally marketed as effective tools for privacy and circumventing censorship. How do they differ form networks such as I2P or Tor?
-
what are some main differences between I2P and Tor network? How do they differ in terms of scalability? (also garlic vs onion)
-
Why are most messaging and emailing apps still don't support basic encryption?
-
TODO: Tor CAPTCHAs and identity problem in the internet
-
what does "No security through obscurity" mean? Why is secrecy not considered a valid security model on its own?
-
What are "anonymous credentials"? What is their designed purpose?
"Don't trust, verify"
"No security through obscurity"
a cryptosystem should be secure even if everything about the system, except the key, is public knowledge.
-“Kerckhoff's Principle”
The universe believes in encryption. [..] Strong cryptography can resist an unlimited application of violence. No amount of coercive force will ever solve a math problem. quote from Julian Assange
But we discovered something. Our one hope against total domination. A hope that with courage, insight and solidarity we could use to resist. A strange property of the physical universe that we live in. The universe believes in encryption. It is easier to encrypt information than it is to decrypt it. We saw we could use this strange property to create the laws of a new world.
In words from history, let us speak no more of faith in man, but bind him down from mischief by the chains of cryptography.
-Edward Snowden
self-hosting vs cloud
good security practices password manager
good privacy practices using email relays pseudonym accounts TODO: a question regarding methods for being prepared for such leaks, using email relays, one time passwords, random usernames
social engineering (spear) fishing
encryption - probably better to just leave resources for the interested
- cyphers
- symmetric encryption - secret key encryption
- AES
- Asymmetric encryption - public key cryptography
- encrypting, decrypting, signing, validating signatures
- RSA
- Eliptic Curve
- Deffie-Hellman Key exchange
attacks on encryption (not so relevant tbh)
- ciphertext only attack
- known plaintext attack
- chosen plaintext attack
- chosen ciphertext attack
practical cryptography book - crypto for devs
crypto hack - learning via coding
https://www.freehaven.net/anonbib/cache/cl01a.pdf
https://github.com/pFarb/awesome-crypto-papers
https://github.com/sobolevn/awesome-cryptography
Zero Knowledge Proofs: Example with Pedersen Commitments in Monero