Is there a social network that encrypts posts so that only the people in your network can read them. i.e. not even the admins of the server can read them.
For instance, if I wanted to run a private Mastodon instance for friends, I could read their PMs. Basically I want a social network where friends exchange keys and posts are encrypted between us. Surely this isn't a new idea.
Ooo. This maybe what is needed to build that. The properties described in the background are perfect for storing encrypted federated social network posts.
@ericmoritz Not only isn't this new, library support is stellar these days; most major languages have bindings to NaCl, which makes it really easy to make keys, encrypt, decrypt, etc: offers clear threat models and makes it hard to screw up. It's never been easier to do crypto correctly.
@ericmoritz have you looked at Secure Scuttlebutt? I'm not sure that functionality is currently available yet, but IIRC e2ee group messages are planned and can now send e2ee messages to one recipient.
This podcast has an overview. Its a bit old but I think most stuff is still correct/relevant.
Oktahedron: OH004 – Secure Scuttlebutt https://oktahedron.diskordia.org/?podcast=oh004-secure-scuttlebutt
@dazinism @ericmoritz I've been working up a design for such a network. Basic version would just use a shared file server (S3, WebDAV, FTP for crying out loud) and clients would upload and download encrypted posts, metadata, and indices. More advanced version would actually involve an application server for low latency, more advanced features, etc.
@ericmoritz @dazinism There's other metadata to consider when shuttling encrypted stuff around, even besides the server owner's view. For example, if you have a single index of posts, a technically savvy friend may notice that they can't access many of the posts. They must be off of some of your filters! Or if you have one index per friend, named by their public key hash, they can see that their index file is smaller or larger than your other friends' index files. Possibly drama source. >_>
@ericmoritz @dazinism But even without the spectre of metadata analysis for surveillance or social intrigue purposes, there's the simple matter that the hardest encrypted file to crack is the one you can't access.
So ideally you'd have encryption + access control: Each index file also requires a (static?) access token conveyed in the URL, possibly like https:// alice-token @ some server .net / username / indexes / alice-pubkey
That could be done by configuring existing server software.
@ericmoritz @dazinism If you're interested in pursuing this idea, I've been writing down goals and implementation ideas as well as just starting to build out an exploratory client. Let me know if you're interested in contributing to the design discussion or playing with the client.
(I suspect an application server is inevitable, by the way, but it would still only pass around encrypted blobs.)