Encrypted direct messages in Twitter

Quicksearch

Disclaimer

The individual owning this blog works for Oracle in Germany. The opinions expressed here are his own, are not necessarily reviewed in advance by anyone but the individual author, and neither Oracle nor any other party necessarily agrees with them.

Navigation

< First sightings: 6-core Opteron | The NUBIT presentations revisted ... >

Encrypted direct messages in Twitter

Saturday, February 21. 2009

Just thought about an add-on service for Twitter. Twitter isn´t really an secure communication channel. It would be nice to have an something like an service for public keys. Obviously such an service would need support from the twitter clients. A client would generate a key pair. The private key stays on the system of the user. The public key is transmitted to a server accessible in the internet, the fingerprint and the URL of the public key of the key would be integrated into the twitter profile.

When a user wants to transmitt an encrypted direct message to a user, the client checks for the profile, gathers the public key, checks with the fingerprint in the twitter profile and encrypts the direct message with it, prepends the message with a magic (like !C1! to mark it as a crypted message, encrypted with the first public key in the profile) and sends it to the other user. The client of the other user can encrypt it with it´s private key. By using an URL for the key instead of storing the key directly at twitter the public key can reside on any available server. Such an extension of a Twitter client would enable private direct messages trough Twitter.

Just yet another idea while waiting for the water for my tea to start boiling.

Posted by Joerg Moellenkamp in English, Privacy at 16:55 | Comments (2) | Trackback (1)

View as PDF: This entry | This month | Full blog

Trackbacks

Trackback specific URI for this entry

PingBack

Weblog: multimedia.cx
Tracked: Mar 27, 17:01

Comments

Display comments as (Linear | Threaded)

You can't really use twitter for this, then you have to make a twitter clone to handle this, as the 140 character limit on twitter only handles about the header and footer of a signed message

#1 Tenzer (Homepage) on 2009-02-21 20:11 (Reply)

I don´t think you need a footer or a header ... just the encrypted message ... the encryption is signaled by a prepended header like !C1! ... just for chars ... leaves 136 for your stuff

#2 Joerg+M. (Homepage) on 2009-02-21 20:17 (Reply)

Add Comment

Name
Email
Homepage
In reply to
Comment	E-Mail addresses will not be displayed and will only be used for E-Mail notifications. To prevent automated Bots from commentspamming, please enter the string you see in the image below in the appropriate input box. Your comment will only be submitted if the strings match. Please ensure that your browser supports and accepts cookies, or your comment cannot be verified correctly. Enter the string from the spam-prevention image above: Standard emoticons like :-) and ;-) are converted to images. Enclosing asterisks marks text as bold (word), underscore are made via _word_.
	Remember Information? Subscribe to this entry