
this is an important problem to work on so I'm extra irritated by this. looked for the protocol written in standard/BAN notation, didn't find it. if you don't have that for a security protocol, what is there to evaluate or trust?

- lack of a top level protocol description? Check.

- quirky codeworded modules instead of useful feature abstractions? Check.

- promoted by an intelligence agency? Check.

I'd be really interested in novel solutions to this general problem, but how is this one not dumber than Urbit?





thanks, but in this there are no keys, key encryption keys, counters, derivation functions, or anything that would indicate how the security of identities and messages is preserved.

sure, sequence diagrams, which are great to have and necessary, but there are no assertions about how security is done.


You misunderstand. This is not a solution to the problem, it is a program to fund research into solutions to the problem.


it's a specification with code. please, tell me more about what I don't understand though.


The website linked is for the Resilient Anonymous Communication for Everyone (RACE) program. A government program to fund research is not a specification.

I assume you were originally responding to the proof of concept in the Github link? I mean, sure, maybe your criticisms are valid, but (to borrow a term from DARPA) they are non-responsive. If OP wanted to share that Github link and make it the focus of discussion, they would have done so. If you wanted to discuss that Github link, you should have been more clear that you were responding to something peripheral to the actual thing under discussion, which is the program, not the PoC.

In general, my response wasn't just to inform you, but because this is a common point of confusion when people share or discuss DARPA programs here. They are explicitly not prescribing a particular solution, even if sometimes a prior seedling effort or PoC is released alongside the solicitation. So don't take my response so personally; it was not only meant for you.


DARPA isn't an intelligence agency.


They partner with them depending on the project, though.


anyone who knows what darpa does knows it's included in the IC, which a reasonable person would call an intelligence agency.


DARPA is an R&D agency under the DoD. Even if you work on their classified projects, it's going to be under the umbrella of the DoD. There are specific R&D agencies for the Intel community (see IARPA).

Some constructive criticism: it's better to just admit when you made a false statement than to double down on being wrong.


that's misdirection and bureaucratic hair splitting. surely if I'm not being precise about the roles of sub-agencies, this blob of code is trustworthy. on the inside, they're different agencies, but on the outside, it is absolutely not.

if you're doing cleared work you have obligations and spooks are spooks. Not only is it government, but it is part of DoD. DARPA isn't creating anti-state anarchist communications platforms in spite of the rest of law enforcement and the IC, and if they are, you'd be insane to trust them with your black market or terrorist operation, which is the only meaningful use case for measuring the integrity of an encrypted anonymous platform like the one being proposed.

the extremist example use case means that authorities are forced to use some legal method other than mass or passive interception to exploit it for evidence or to disrupt a plot. pretty sure DARPA isn't arming enemies like that, and if they are, they can provide something security pros can reason about instead of something for naive developers to play with.


> that's misdirection and bureaucratic hair splitting.

I'm simply stating a fact about DARPA and how their mission and operations fit within the US government.

Look, if you want to characterize DARPA research as IC work, go ahead. You clearly don't work in the space.


I don't do gov work anymore if I can afford to. I'm imagining the eco-terrorist meeting where they're introducing their new member and someone says, "don't worry, he's cool, he's from DARPA."

I'll reiterate that their product isn't going to work in any space if they don't learn how to write a security protocol and include it as the extraordinary evidence required for something like secure anonymous communications. the way they can show good faith is by providing something objective. I even look forward to walking this comment thread back when they do.


DARPA is not in the IC and the IC is not an intelligence agency, it is a community of agencies. Here's a list of organizations that are part of the IC:

https://www.dni.gov/index.php/what-we-do/members-of-the-ic



