Slashdot Mirror


Zero-Knowledge Open-Sources Linux Client

jailbreakist writes "Zero-Knowledge Systems, a Montreal-based privacy software company, has released the source code to their Linux client. The software in question provides anonymous web browsing, pseudonymous email, form filling, cookie management and more. You can get the source at opensource.zeroknowledge.com. The source is available under the MPL, and our clientshim and Yarrow (random number generation) implementations are under GPL." A while ago, we had covered Mike Shaver's move to ZK.

5 of 61 comments

  1. Re:Great privacy by Vassily Overveight · · Score: 4

    If you had read the material on Freedom, you'd know that the serial number is used to purchase 'nyms', which cannot be traced back to you (read the white papers on the ZKS site for a description of the nym system.) All that anyone would know is that you'd purchased a Freedom serial number, nothing else. If you don't want even that on your record, I suspect that ZKS would even do a money-order transaction. Keep in mind that if "they" are watching you, then a sniffer on your internet access is going to show that you're running an encryption program, so "they" will already be suspicious.

    --

    "If I have seen further than other men, it is by stepping on their glasses." - Michael Swaine

  2. Actually it's quite good. Here's how it works: by homb · · Score: 4

    As I understand it from the CEO a few months ago, the serial number does not even allow ZK to trace it back to you. They supposedly don't keep track of any of the serial numbers, it's all done on the client side.
    Also regarding how it works, it's a kind of "onion" system. Let's say A wants to send a bunch of packets to B. The first thing that A has done upon setting up ZK is to choose up to 3 gateway servers for ZK, call them G1, G2, G3, in that order.
    For each packet sent out by A, it will do the following:
    - Put header with destination address to B
    - Encrypt packet with G3's public key
    - Add header with destination address to G3
    - Encrypt the whole thing with G2's public key
    - Add header with destination address to G2
    - Encrypt the whole thing with G1's public key
    - Add header with destination address to G1

    Then it will send it using the first destination address. At each gateway, one layer will be peeled off using the private key, the destination address read, and the packet will be sent forward.

    The cool thing about this is that at any point in the path, if someone intercepts and somehow knows the private key of a gateway, it can only figure out the previous and next hops, not the whole path.
    Of course, if B has PGP or anything like that, nothing stops you from also encrypting the packet with B's public key.
    The ZK system is an addition to this, providing anonymous transfer, not encryption of data.

    It does take a performance hit to do all that, but it's not that bad. I just wish they made it free.
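The layering described in the comment above, as an added Python sketch; it is not part of the original thread and is not Zero-Knowledge's code. Assumptions: a per-gateway symmetric key (SHAKE-256 keystream plus HMAC tag) stands in for each gateway's public/private key pair, and the hostnames, one-byte length-prefixed header format and function names are constructed for the illustration.

```python
import hashlib, hmac, os

# Stand-in for "encrypt with the gateway's public key" (an assumption of
# this sketch): a per-gateway symmetric key, SHAKE-256 keystream + HMAC tag.
def _xor(key, nonce, data):
    ks = hashlib.shake_256(b"enc" + key + nonce).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, ks))

def _tag(key, msg):
    return hmac.new(key, b"mac" + msg, hashlib.sha256).digest()

def seal(key, data):
    nonce = os.urandom(16)
    ct = _xor(key, nonce, data)
    return nonce + ct + _tag(key, nonce + ct)

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, _tag(key, nonce + ct)):
        raise ValueError("layer was not sealed for this gateway")
    return _xor(key, nonce, ct)

def add_header(dest, body):
    return bytes([len(dest.encode())]) + dest.encode() + body
def read_header(pkt):
    return pkt[1:1 + pkt[0]].decode(), pkt[1 + pkt[0]:]

def wrap(payload, dest, route, keys):
    """Sender A: header for B, then encrypt + add header per gateway, G3 first."""
    pkt = add_header(dest, payload)
    for gw in reversed(route):
        pkt = add_header(gw, seal(keys[gw], pkt))
    return pkt

def peel(key, pkt):
    """Gateway: strip own header, remove one layer, learn only the next hop."""
    _, blob = read_header(pkt)
    inner = unseal(key, blob)
    return read_header(inner)[0], inner

ROUTE = ["g1.example", "g2.example", "g3.example"]  # constructed names
KEYS = {gw: os.urandom(32) for gw in ROUTE}         # constructed keys

def trace(payload=b"hello", dest="b.example"):
    # Run the packet through G1..G3; return each gateway's view and B's packet.
    pkt, seen = wrap(payload, dest, ROUTE, KEYS), []
    for gw in ROUTE:
        nxt, pkt = peel(KEYS[gw], pkt)
        seen.append((gw, nxt))
    return seen, pkt
```

`trace()` returns what each gateway can read after removing its layer: only the address of the next hop, with everything further along the path still sealed under keys it does not hold.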

  3. Random number generators by jovlinger · · Score: 4

    The importance of a good random number generator is often overlooked. Since symmetric (== fast) session keys are mostly randomly generated (and then encrypted by the asymmetric (== dog slow) user keys), if the random number generator is weak, this can undermine the whole system's security.

    You all recall that Netscape's already paltry 40-bit encraption actually only had something like 14 bits of entropy, because so many bits came from the easily guessable clock (or something like that).

    Anyway, Yarrow is from the always popular Counterpane people. I haven't had a look at it myself yet, so if anyone has given it a gander, a summary would be well appreciated.

  4. Re:What a name. Zero Knowledge. by stu72 · · Score: 4
    Actually, the name comes from a type of cryptographic protocol, the zero-knowledge proof. Roughly speaking, a way to prove you have a piece of information, without revealing any of that information.

    You can find out more here:
    http://www.tml.hut.fi/Opinnot/Tik-110.501/1995/zeroknowledge.html

    I have no idea if any part of Zero Knowledge Inc.'s systems use zero knowledge proofs or whether they just chose it for its cool name and vague relevancy.

  5. Serial Number Explanation by Anonymous Coward · · Score: 4
    The serial number can be purchased from Zero-Knowledge Systems, and exchanged through the client for five tokens, each of which is redeemable for one nym (your assumed online identity).

    The tokens are all identical. No traces can be done on the token, and the token can't be linked to the serial number or the nym it is exchanged for.

    All of this is explained in the Zero-Knowledge white papers. Zero-Knowledge is committed to providing privacy.