Time Halo
- per-friend and per-time keyed rendezvous
This implementation differs from the ordinary halo in that you share a 12kb file containing public addresses with a friend, so you don't share the passphrase or the public file.
Usage
Generating
go build
./timehalo-cli -cmd generate -friendhandle "bob" -destination "somefile" -codeword "867-5309" -sourcefile "LICENSE"
Outputs "somefile.pubaddrs". Share it with @bob.
Proving
./timehalo-cli -cmd prove -friendhandle "bob" -destination "onion" -codeword "867-5309" -sourcefile "LICENSE"
- makes the tor site in ./onion/{torhiddensite}.onion/
- copy that into tor, restart it
- serve your new public key on it (at /)
(You'll need to re-run that every time period, as the tor addresses change: e.g. every 24 hours for annual, 12 hours for bi-annual, 3 hours for monthly, and 30 minutes for weekly.)
Validating / rendezvousing
(Pre-requisite: you have already gotten the .pubaddrs file from your friend.)
(Your friend has to be running the correct server for the correct time.)
./timehalo-cli -cmd validate -sourcefile shared.pubaddrs -destination newkey.pub
saves their new public key to file
Design
This is a rather buggy midnight idea.
I have a few research questions.
pbkdf2(public file, passphrase + friendname + "timehalo" + time_counter) -> 12kb key (375 tor keys) -> share specific public sites depending on time periods
where time_counter is the string representation of the integer for:
- week mode: 30 minute segments since sunday midnight
- month mode: 3 hour segments since first day of month midnight
- bi-annual mode: 12 hour segments (restart at 182.5 days)
- annual mode: 24 hour segments
^ note, I'm not sure whether to reduce it to one of these modes and hard-code it.
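The time_counter rules above, worked through in Go as an added example (not code from this repository). The mode strings, the function names and the use of UTC are assumptions, and so is counting bi-annual segments from 1 January and wrapping at 365.

```go
package main

import (
	"fmt"
	"strconv"
	"time"
)

// Slots is the number of tor keys in the shared file, per the design above.
const Slots = 375

// TimeCounter returns the integer segment index for t in the given mode.
// Assumption: segment boundaries are computed in UTC.
func TimeCounter(mode string, t time.Time) (int, error) {
	t = t.UTC()
	var n int
	switch mode {
	case "week": // 30 minute segments since sunday midnight (max 335)
		n = int(t.Weekday())*48 + t.Hour()*2 + t.Minute()/30
	case "month": // 3 hour segments since first day of month (max 247)
		n = (t.Day()-1)*8 + t.Hour()/3
	case "bi-annual": // 12 hour segments, restart at 182.5 days = 365 segments
		n = ((t.YearDay()-1)*2 + t.Hour()/12) % 365
	case "annual": // 24 hour segments since 1 January (max 365 in a leap year)
		n = t.YearDay() - 1
	default:
		return 0, fmt.Errorf("unknown mode %q", mode)
	}
	if n < 0 || n >= Slots { // never index past the 375 shared addresses
		return 0, fmt.Errorf("counter %d outside 0..%d", n, Slots-1)
	}
	return n, nil
}

// CounterString is the decimal string form used as time_counter.
func CounterString(mode string, t time.Time) (string, error) {
	n, err := TimeCounter(mode, t)
	if err != nil {
		return "", err
	}
	return strconv.Itoa(n), nil
}

func main() {
	// Constructed sample instant: last 15 minutes of a leap year.
	t := time.Date(2024, 12, 31, 23, 45, 0, 0, time.UTC)
	for _, m := range []string{"week", "month", "bi-annual", "annual"} {
		s, err := CounterString(m, t)
		fmt.Println(m, s, err)
	}
}
```

Both sides have to derive the counter from the same clock and time zone; a visit made close to a segment boundary can land on the neighbouring address.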
Generating
- input file, passphrase, friend's username
- generate the 12kb private key via PBKDF2 process
- for each offset in the range (0,375):
- send all public keys to friend
Proving
- input file, passphrase, friend's username, public key you're proving
- generates full private key
- divide current time by step size to get the offset in the private key
- start that tor address
- respond with specific key
Verifying
- look at your friend's shared tor addresses
- divide current time by step size (but on the 12kb public keys)
- generate checksum bits
- visit that tor address
- download that public key