Topic: Crosspass - a simple way to share passwords, encryption keys, banking info - page 2. (Read 406 times)

Lavamail chose to shutdown instead of fooling its users and being silent under a gag order. It was a USA corporation. Can't this happen in Switzerland? I think it can, because USA forced Swiss banks to close American accounts and to reveal all account activity to American authorities.

Also, as much as I value privacy, I value and respect the judicial system. The reason? Civilized society is setup to protect private property and privacy, at least in principle. So if police wants data on someone and they come to me with a court order, it is my principle to respect the law and to comply with the request.  However, if I simply can't help because of the way the protocol is implemented, I do well by both the law and by privacy of clients.  In contrast, Protonmail, Signal, WhatsApp, et. al. could MITM any user by issuing rogue public keys. Crosspass is safer because in order for the Crosspass server operator to MITM a client, he would have to guess the PIN, which is as hard as guessing 11 coin flips.


What's the difference, if in total only three attempts are permitted? Does it matter which three people use up these attempts? The bank is happy with a 4 digits PIN because it can limit the number of attempts.  Long passwords are needed only when a brute force attack cannot be prevented (when password hashes are leaked).  

Crosspass is relying on the OTP model for authentication. In common usage OTPs are short and yet they unlock a person's account. Why is this safe? The time limit on the OTPs prevents theft through shoulder surfing or internet traffic harvesting.  The limit on tries prevents brute forcing. (You can achieve the former with Crosspass by deleting a share after 5 minutes.)


I understand this, but the person to whom your are sending sensitive stuff (or receiving from) most likely will not. It takes two to tango. If the recipient is a busy accountant, realtor, or a doctor, he will not do all this work. So if we are to have any adoption of secure practices, we need to package it in a form-factor he will use without friction.

The other issue is: are you willing to keep your laptop online until you establish a shared key by Diffie-Hellman? The choice to put Crosspass on a smartphone was made because it is always online, like a personal server in a pocket. Twenty years ago people kept their desktops online, serving a website from it. With the prevalence of laptops this ended while computers which are always online had moved to the cloud.

• Not just any someone, it would have to be someone who is a MITM. Otherwise, you will know the key was stolen if your friend has not received it. Crosspass will release the shared secret only once, and expire the PIN.
• Then send a public key, not a private key: establish a private key by Diffie-Hellman (DH) and verify the public keys by Crosspass to ensure that there was no MITM in the Diffie-Hellman exchange. (You can do this in practice with the Signal app by sending Signal's Safety Numbers by Crosspass.)  
  
  In any case, if you do transfer a private key by Crosspass and it is used to initialize a Signal protocol chat, then one chat round (e.g. "Hello Alice" and "Hello Bob") are sufficient to establish a new Diffie-Hellman key, essentially using the original private key only for authentication.
  

Crosspass one day will be a free of charge CLI which you can install with Apt or Brew, from source. That will cover the cool cats, but what about the laymen they have to deal with? As mentioned above, most other people who receive or send stuff to you will not be able to use it in this form.

End-to-end encryption was almost non-existent in adoption until WhatsApp. In order to make encryption habitual, it must be put into a form that everyone can use. This was my design goal with Crosspass.

P.S. If you want to support Crosspass, please give some love to @entelecheia_inc Twitter account which I just created.

Still, I trust Protonmail's reputation and transparency.

I've never used Google's app payment system, and I never will. Again, I guess I'm not the average user here, but I refuse to pay for small pieces of software on a small screen when I have complete open source operating systems with loads of software at my disposal free of charge.

Apple and Google do not allow this for mobile apps. They also don't allow cheating (i.e. charging off the app and then using some kind of coupons).  But if they will eventually add a feature to pay for in-app purchase by crypto, then you will be able to.

This won't be an issue when Crosspass is released as a desktop app, and in this case it would accept directly a crypto payment.

This happens rarely in iOS and with time Play store will up its game.


Yes, I am also exploring this direction. But the standalone app will continue to exist in any case.


Crosspass client is talking to a Crosspass server. The job of the server is:
 
- to send out Push Notifications to wake up phones so that they resume talking with the server.
- to reserve lookup IDs
- to prevent someone triggering too many Push Notification to the same phone.

If the server is down, the tunnel won't be established between the sender and recipient, so notes won't be able to be retrieved while it is down.

I am prepared to move to serverless infrastructure as soon as I observe any scalability issues.  Currently, an MQTT handler is being integrated into the mobile apps. This allows to decouple everything and go serverless without the need for users to update their apps. (Note: "serverless" still is a "server," but the server is e.g. all of AWS.)

Let's see what happens if the mobile app of the sender is down. Because the exchange is peer-to-peer (with the server acting to establish a tunnel), the protocol fails if the sender's device doesn't respond to a Push Notification or if Push Notification takes too long to arrive. Normally it arrives within 2 seconds, but I have observed a 30 minute delay on rare occasions. The currently published version of the app will just show an error to the recipient upon a timeout of 30 seconds. However, I am making a UX improvement now for this rare case. The recipient's phone will place the request on hold and resume normal operation. When the sender's phone comes back to life, the server will send Push Notification to the recipient's side to resume the protocol.

Can we pay this $1 with Bitcoin or only with fiat currencies?

Sorry but I don't like anything about Zcash 
If I had to receive Bitcoin address from someone and this guy told me that first I have to install new app on my phone, I would immediately think that this guy is a scammer.
I have seen way to many real life cases of people getting scammed like this with fake apps, so I would probably refuse to install anything.
There is a chance I would use something like this if Crosspass was integrated in some messenger used for private conversation.

Anyway, for testing purposes I installed Crosspass to see how everything works.
Is Crosspass using any servers, and what would happen if app or servers are down?

End-to-end encryption in web browser is not possible. Protonmail, Hushmail etc. are subject to Javascript backdoors. Hushmail actually backdoored itself and documented it. https://www.wired.com/2007/11/hushmail-to-war/



Besides the web issue, the same critique I have in the FAQ on WhatsApp applies to Protonmail. You have to trust the public key that Protonmail gives you for the recipient, and so it can easily position itself as a MITM.  That, unless you check key fingerprints against the recipient's. But if you have to do this, it is no longer an easy process. (How would you check them? You would need something like Crosspass for that.)


Yet, you would expect the recipient to sign up with Protonmail? I think that a recipient is more likely to install an app than create an account online somewhere. He knows that he can easily delete it as soon as he is done using it. Also, you would need to wait for the recipient to sign up with Protonmail before you can compose a message to him.


Guessing 3 out of 10,000 is like 1 out of 3333, and that's harder than guessing a sequence of 11 flips of a coin. It's good enough for a bank apparently. I could have made the PIN 6 digits long and it would still be user friendly because OTPs now are commonly a pair of 3 digits. But I am not convinced it's necessary.  (If there is real demand for a six digit PIN, I could incorporate it as a future feature.)


Every version will be reviewed just before it's published to the App store and Play store. There would not be a need to review everything from scratch, just need to review the changes to source code since previous release.

Crosspass does not compete with WhatsApp, Signal, Telegram Secure Chat or Protonmail, Hushmail.  Keep using those systems whenever convenient, but use Crosspass to verify the public keys in order to secure those systems.

Tor: "Unable to connect". I had to try a few new Tor circuits before it loaded. I was hoping the site itself would be enough, but it asks me to install software on my phone. I'm not going to do that, basic OPSEC is installing as few apps as possible.

Web wallets are not recommended, and sharing a wallet at least doubles the risk of losing your funds.

If it's not going to be open source, you can always add a backdoor later.
There's a problem with this: if someone tells me to install an app to receive a code, I'll tell them to use something else. I don't even install apps from my bank.

---

---

From my perspective, I don't see a reason to use this. But then again, I'm not the average user so maybe there's a market for it.

I have just open-sourced the code that deals with persistence of data locally on the phone. All sensitive data is stored in encrypted form. The encryption key never leaves the device because it is stored in Secure Enclave.  This is necessary so that the data doesn't leak through iOS / Android recovery backups.

https://github.com/entelecheia-inc/ios-excerpts
https://github.com/entelecheia-inc/android-excerpts

Of course these excerpts do not guarantee that I call these functions consistently, but it will give you an indication of what is going on.

Also, I blank the screen when the app is swiped so that displayed text doesn't leak via screenshot grabbed by the OS.

About deleting data: when note is transferred from sender to recipient, then the sender deletes records in local database on the device. (First dictionary value is set to empty string, then the dictionary key is deleted).  On the recipient's phone data remains for one day, then gets deleted.

When the app starts up it deletes all records older than 2 weeks.  On the server, any stored state older than 2 weeks is deleted.

I see that the patent for Crosspass lists a figure at the end which can conceivably be used to generate detatched bitcoin addresses. But it reminds me of the Silent Payments idea. But in any case, I think the main use for this is to be sharing passwords in an easy way.

Although doing that using the internet is kind of an exclamation mark because of all the snooping middlemen such as the NSA tapping fiber optic overseas cables and ISPs and so on. I would think it would be much safer for two devices to share it over a private LAN.

Quote from: frisco2 on September 06, 2023, 10:44:22 PM

I can let you review the source code, provided you report back in this thread that here are no intentional backdoors or data leaks.  In fact, I will pay $200 each to the first three people of Legendary status who would review the code.

Sign me up. I read your whole patent and it looks neat.

Yes, I liked the idea of hiding the Bitcoin address. In this way, privacy can be increased by sending the Bitcoin address out of sight.

But the thing I didn't like about sharing the password or encryption key, I know you'll tell me it's safe and that it's "encrypted end to end" But how can I be confident that the program does not store passwords and encryption keys and keep them in the database after sharing them?

As you know there was a major incident related to this particular point and sensitive user data was seized due to it being saved and not deleted.

The second. You only pay once a $1 for lifetime use. This way the app is free to receive and removes a potential friction on the recipient's side.


I can let you review the source code, provided you report back in this thread that here are no intentional backdoors or data leaks.  In fact, I will pay $200 each to the first three people of Legendary status who would review the code.

Also, (a) I will have it reviewed by a reputable pen-testing company, and (b) I will open source Crosspass once it gains enough installs to have market advantage over any clone.


One's finances should be private.

Every time you post your bitcoin address, or email it, mass surveillance associates it with you and records how much money you have received. That's why ZCash went to so much trouble to hide the identity of the sender of crypto. By sharing a Bitcoin address via Crosspass, you become essentially anonymous. Watch a 5 minute Doodly video: https://www.youtube.com/watch?v=NK-P_g6gKlI

I understand why someone would use this, but having Crosspass app as closed source and not really knowing what is happening under the hood... this is not exactly my cup of tea.

Another thing, would I have to pay $1 each time I send something (after I spend my three free sends), or this is $1 paid for lifetime use?

PS
I really don't understand how Crosspass is related with Bitcoin  

I can tell you when I needed to do that,

- receiving wires to my bank account
- sharing an online wallet at blockchain.info with a business partner, for arbitrage
- sharing an encrypted Cryptomator cloud drive with a business partner
- giving Netflix password to my mom
- encrypting ZIP file with AES and sending the ZIP by Dropbox, while password by another method
- obtaining the password to an encrypted hard drive which was mailed after it was recovered by recovery service

However, the "password" here is a euphemism for an encryption key. If I were to call the app "Transfer Encryption Key" it would suffer the same fate as PGP and Keybase. No one knows what is a key or a fingerprint, but everyone knows what is a password and understands that it requires privacy and care.

“What's in a name? That which we call a rose by any other name would smell just as sweet.” -- Shakespeare

Why would I want to share passwords and bank info?

I'll check out your site when I'm on my laptop again.

Finally Johnny can encrypt!  

I've made a new app called Crosspass that makes end-to-end encryption for dummies.  It is better than Signal et al. because it forces users to authenticate (keys) via a natural flow.

- Based on a US patent which I have received this summer.
- Available on the App Store and Play Store.

See crosspass.app for details.

I would like to hire influencers in crypto space to blog about this.  Please PM me if you are one of them.