Kaladaran/briar
0
0
Fork 0
mirror of https://code.briarproject.org/briar/briar.git synced 2026-02-18 21:59:54 +01:00
Code Issues Projects Releases Wiki Activity

akwizgran
2016-09-05 13:35:39 +00:00
parent a52d2f2d1f
commit b42db9febf
1 changed files with 16 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

32
threat-model.md

@@ -229,7 +229,7 @@ Capabilities:
* Delete: Possible if the origin/destination is on Lou's network * Delete: Possible if the origin/destination is on Lou's network
4. Metadata of a communication stream 4. Metadata of a communication stream
* Read: Possible to read the origin/destination if the transport is linkable and the origin/destination is on Lou's network * Read: Possible to read the origin/destination if the transport is linkable and the origin/destination is on Lou's network
* Update: Possible if the origin/destination is on Lou's network (delaying the stream) * Update: Possible if the origin/destination is on Lou's network (spoofing addresses, truncating/extending/delaying the stream)
* Delete: Possible if the origin/destination is on Lou's network * Delete: Possible if the origin/destination is on Lou's network
5. Existence of a contact relationship between two users 5. Existence of a contact relationship between two users
* Read: Possible if one of the users sends a stream to the other, and the transport is linkable, and the origin or destination is on Lou's network. Possible if the users add each other as contacts using Lou's network * Read: Possible if one of the users sends a stream to the other, and the transport is linkable, and the origin or destination is on Lou's network. Possible if the users add each other as contacts using Lou's network
@@ -248,7 +248,7 @@ Capabilities:
* Delete: Possible if the stream crosses Rex's network * Delete: Possible if the stream crosses Rex's network
4. Metadata of a communication stream 4. Metadata of a communication stream
* Read: Possible to read the origin and destination if the transport is linkable and the stream crosses Rex's network * Read: Possible to read the origin and destination if the transport is linkable and the stream crosses Rex's network
* Update: Possible if the stream crosses Rex's network (delaying the stream) * Update: Possible if the stream crosses Rex's network (spoofing addresses, truncating/extending/delaying the stream)
* Delete: Possible if the stream crosses Rex's network * Delete: Possible if the stream crosses Rex's network
5. Existence of a contact relationship between two users 5. Existence of a contact relationship between two users
* Read: Possible if one of the users sends a stream to the other, and the transport is linkable, and the stream crosses Rex's network * Read: Possible if one of the users sends a stream to the other, and the transport is linkable, and the stream crosses Rex's network
@@ -283,43 +283,43 @@ Phil can sign into Alice's account if:
* Phil can brute-force the account credentials * Phil can brute-force the account credentials
5. Existence of a contact relationship between two users 5. Existence of a contact relationship between two users
* Read: Possible if Phil observes the users adding each other as contacts. Possible using the rules for Alice, and the rules for reading which user owns a nym, if Phil observes Alice while she is signed in * Read: Possible if Phil observes the users adding each other as contacts. Possible using the rules for Alice, and the rules for reading which user owns a nym, if Phil observes Alice using the app
6. Number of a user's contacts 6. Number of a user's contacts
* Read: Possible to read a lower bound using the rules for reading the existence of a contact relationship between users. Possible using the rules for Alice, if Phil observes Alice while she is signed in * Read: Possible to read a lower bound using the rules for reading the existence of a contact relationship between users. Possible using the rules for Alice, if Phil observes Alice using the app
7. Number of two users' mutual contacts 7. Number of two users' mutual contacts
* Read: Possible to read a lower bound using the rules for reading the existence of a contact relationship between users. Possible to read a lower bound using the rules for Alice, if Phil observes Alice while she is signed in * Read: Possible to read a lower bound using the rules for reading the existence of a contact relationship between users. Possible to read a lower bound using the rules for Alice, if Phil observes Alice using the app
8. Identities of a user's contacts 8. Identities of a user's contacts
* Read: Possible to read a subset using the rules for reading the existence of a contact relationship between users. Possible using the rules for Alice, and the rules for reading which user owns a nym, if Phil observes Alice while she is signed in * Read: Possible to read a subset using the rules for reading the existence of a contact relationship between users. Possible using the rules for Alice, and the rules for reading which user owns a nym, if Phil observes Alice using the app
9. Identities of two users' mutual contacts 9. Identities of two users' mutual contacts
* Read: Possible to read a subset using the rules for reading the existence of a contact relationship between users. Possible to read a subset using the rules for Alice, if Phil observes Alice while she is signed in * Read: Possible to read a subset using the rules for reading the existence of a contact relationship between users. Possible to read a subset using the rules for Alice, if Phil observes Alice using the app
10. A user's participation in a group 10. A user's participation in a group
* Read: Possible if Phil observes the user while she is signed in. Possible using the rules for Alice, if Phil observes Alice while she is signed in * Read: Possible if Phil observes the user using the app. Possible using the rules for Alice, if Phil observes Alice using the app
11. Existence of a contact relationship between two nyms: 11. Existence of a contact relationship between two nyms:
* Read: Possible using the rules for reading the existence of a contact relationship between two users, and the rules for reading which user owns a nym. Possible using the rules for Alice, if Phil observes Alice while she is signed in * Read: Possible using the rules for reading the existence of a contact relationship between two users, and the rules for reading which user owns a nym. Possible using the rules for Alice, if Phil observes Alice using the app
12. Number of a nym's contacts 12. Number of a nym's contacts
* Read: Possible using the rules for reading the number of a user's contacts, and the rules for reading which user owns a nym. Possible using the rules for Alice, if Phil observes Alice while she is signed in * Read: Possible using the rules for reading the number of a user's contacts, and the rules for reading which user owns a nym. Possible using the rules for Alice, if Phil observes Alice using the app
13. Number of two nyms' mutual contacts 13. Number of two nyms' mutual contacts
* Read: Possible using the rules for reading the number of two users' mutual contacts, and the rules for reading which user owns a nym. Possible using the rules for Alice ,if Phil observes Alice while she is signed in * Read: Possible using the rules for reading the number of two users' mutual contacts, and the rules for reading which user owns a nym. Possible using the rules for Alice ,if Phil observes Alice using the app
14. Nyms of a nym's contacts 14. Nyms of a nym's contacts
* Read: Possible using the rules for reading the identities of a user's contacts, the rules for reading which user owns a nym, and the rules for reading which nym a user owns. Possible using the rules for Alice, if Phil observes Alice while she is signed in * Read: Possible using the rules for reading the identities of a user's contacts, the rules for reading which user owns a nym, and the rules for reading which nym a user owns. Possible using the rules for Alice, if Phil observes Alice using the app
15. Nyms of two nyms' mutual contacts 15. Nyms of two nyms' mutual contacts
* Read: Possible using the rules for reading the identities of two users' mutual contacts , the rules for reading which user owns a nym, and the rules for reading which nym a user owns. Possible using the rules for Alice, if Phil observes Alice while she is signed in * Read: Possible using the rules for reading the identities of two users' mutual contacts , the rules for reading which user owns a nym, and the rules for reading which nym a user owns. Possible using the rules for Alice, if Phil observes Alice using the app
16. A nym's participation in a group 16. A nym's participation in a group
* Read: Possible if Phil observes the nym's owner while she is signed in. Possible using the rules for Alice, if Phil observes Alice while she is signed in * Read: Possible if Phil observes the nym's owner using the app. Possible using the rules for Alice, if Phil observes Alice using the app
17. Which user owns a nym 17. Which user owns a nym
* Read: Possible if Phil observes the user while she is signed in. Possible using the rules for Alice, if Phil observes Alice while she is signed in * Read: Possible if Phil observes the user using the app. Possible using the rules for Alice, if Phil observes Alice using the app
18. Which nym a user owns 18. Which nym a user owns
* Read: Possible if Phil observes the user while she is signed in. Possible using the rules for Alice, if Phil observes Alice while she is signed in * Read: Possible if Phil observes the user using the app. Possible using the rules for Alice, if Phil observes Alice using the app