the worlds most private dating site

The worlds most private dating site

With Eccentric Authentication we can design the worlds most private
dating site. Ecca gives us benefits that other authentication
mechanisms cannot provide. Namely: Completely anonymous and fully
secure
.

Similarities

Like any other dating site, ours allows you to create a profile and
search for other peoples’ profiles. When you’ve found a
Profile-of-Interest, you can write messages to the person behind the
profile.

The similarities end here. See what we do diffently.

Sign up

We require our users to sign up with an Ecca account. As with every
ecca-account you choose your nickname. It’s how you wish to be known on the
site. Names can be anything, say “Beer Belly” or “Biker Babe”.

When you’ve chosen your username, your browser creates the account for
you:

  • it creates a private and public key;
  • it offers the username and public key to the site for signing;
  • it receives the certificate;
  • it keeps the private key secure.

The certificate allows you to log in and create your profile.

After you’ve paid the membership fee, our site lists your profile.
Now you can browse profiles and other members can view yours.

Private messaging

Say you have registerd under the name Beer Belly. You find the profile
of Biker Babe interesting to start a private conversation with
her. Would you use a conventional dating site, you only have their promise
that they won’t read your message. Or at least that they have the ‘decency’ not to
tell you that they do read your messages.

With Ecca, you don’t have that worry. No one except Biker Babe can
read your message. Here’s how that works.

You press the ‘private-message’ button on your browser. It fetches the
certificate of Biker Babe. In the certificate is her public key.

You type your message, your browser encrypts it with Biker Babes’
public key. That makes the message only readable to her. Now you sign
it with your private key. Then you hand it over to our dating site for
delivery.

When Biker Babe logs in, your message will be delivered. She fetches
your certificate from the site. That allows her to: 1. verify that you
are a member of the site; 2. send messages back to you.

Going further

When the two of you like your conversation so much you can take it up a
notch and do a voice chat.

Each of you feeds the certificate of the other into your (privacy
preserving) voice chat application and the systems will set up a
encrypted voice channel, ready to talk dirty.

This chat application is not connected to the dating site. It doesn’t
need to be. All that it needs is the the certificate of the other
party and your private key. Technically, it also needs a common ground
where the two programs can find each other before they validate the
certificates and set up the audio channel but that’s out of the scope
of this blog post.

Abuse handling

Suppose one of the BB’s is too liberal with the private channels and
behaves too inappropriate to the other BB’s opinion. Let’s say that
BB1 finds the message of BB2 inappropriate.

BB1 has now several options:

  1. Block all messages signed by BB2;

  2. Report the messages to the dating site staff; If they agree that
    BB2 went out of line, they close the account. BB1 cannot falsely
    accuse BB2. The messages are signed with BB2’s private key, so
    there’s the proof.

In both cases BB2 now needs create a new account and pay the
membership fee again to be able to contact BB1 ever again.

Closing an account

Our dating site doesn’t have to do much to close the account. It just
blacklists your public key from login in and refuse to accept your
messages to other members.

There is no need for a CRL or other crypto revocation
protocols. We keep it simple but effective. Eventually the certificate
expires and we can clean up our blacklist.

Wipe your trail

When your subscription to our dating site expires, it
would be in your best interest to delete your private key.

Would you ever use that private key to sign a message and you somehow
you would need to public with your real world identity, it allows your
dating partner to match these messages and publish your love letters,
fully attributed to you. Although embarassing at best, it could be
worse if you where the one so rude that the site closed your account.

The Ecca protocol almost makes that problem a non-issue because it
generates a new private key for every account you create and your
browser handles all the crypto-bits.

Trust considerations

When you decided to sign up for our dating service and pay the fee,
you made a trust decision. Your decision is most likely based upon
recommendations from people that you trust.

You wouldn’t make that decision because some global CA has signed a
server certificate that made the address bar green.

It’s the other way around. By trusting our site enough to sign up, you trust
us to have our cryptography in order so you can communicate
privately with the other members of the site.

If we don’t have our crypto in order, or we turn out to be
crooks, you’ve only lost some money. You never gave us your real
world identity. (And you did pay in bitcoin, didn’t you?)

Deployment

The bad news: To deploy this we need to improve our web browsers. The
good news, we can start with just three – not too complicated –
browser plug ins to get things going. That’s for another blog.