Loom Security

Submitted by Bill St. Clair on Thu, 03 Jan 2008 23:35:57 GMT <== Loom ==>

I introduced the Loom.cc electronic accounting system on Monday. Since then, I talked extensively with it's creator, Patrick Chkoreff. He gave me a link to the source, and I got it working in a Linux virtual machine on my Mac (I wasn't able to install one of the Perl libraries it needs in Mac OS X). It took me a little while to figure out how to bootstrap the first folder, the one that owns the usage tokens, but I found a comment in the code that pointed me in the right direction. I made a suggestion to Patrick to make this easier in the future, and I think he'll probably do it. I'm running v58 of the software, which is an older version than the one that is currently running at Loom.cc. Mine is missing the "CMS".

The Loom Grid Help page gives a good overview of the logical implementation of the grid. But there are a few details of that representation that have important ramifications for the security of your assets in the system.
You still have to trust that Patrick's code does what he says it does, i.e. that Loom.cc is really running the code that he distributes, and you have to trust that he's using a secure web host. The latter seems pretty likely since "whois loom.cc" says that the nameservers are ns1.rayservers.com and ns2.rayservers.com, and rayservers.com's web page says that they specialize in security, availability, and high bandwidth. Only time and experience will tell how trustworthy Patrick is with our assets.

One of the first things I wondered about the security of the Loom.cc database is how much information someone who got access to a raw database files would be able to extract from it. Turns out that not much can be gleaned, but possibly more than ideal.

The database itself is currently implemented using GNU gdbm, a persistent hashtable mechanism that is part of most Linux distributions. The keys and data in this can be any string of bytes. It's quick and mature. Loom's interface to gdbm is centralized and very simple, so replacing it with another persistent hash-table mechanism wouldn't be hard.

The loom database is used to store two types of data, the grid of asset values and what Patrick calls the archive. In the source code I have, the archive is used only for storing your folder information, your name, the assets you know about and their names, and the locations you know about and their names. In the current development code, the archive enables a complete, secure Content Management System (CMS).

Except for the initialization of an asset, which stores -1 in the issuer location, changes to the grid are always done in pairs, subtracting the transferred amount from the source location and adding it to the destination location. The database key for a location is the concatenation of the asset id and and the SHA256 hash of the location. The value is the raw integer number of asset tokens, which is formatted for display according to how you configure the "Scale" and "Min Precision" on the "Edit Asset Type" web page. This allows identification of the values and raw integer asset IDs from a database dump, but no idea of the locations themselves. A knowledgable person could, however, recognize values for assets that they care about, and change the database to transfer assets from unknown locations to locations that they know, "stealing" assets from unknown Loom users. The advantage of the current scheme is that it enables auditing of the assets to make sure all the numbers add to -1. It might be better from a security standpoint, however, to hash the concatenated asset ID and location as the datbase key, and, possibly, encrypt the values, using the raw location as the encryption key, as is done in the archive.
Encrypting and storing the concatenation of the value and its hash would allow validation of a users's assets at login time, for a doubling of the value storage space.

The archive, where your folder information is stored, and where the CMS is stored (I think), is much more secure. The database key is the SHA256 hash of the location ID. The value is AES encrypted with the raw location. So, though you can see the hashes in the database, you need to know the unhashed locations to decrypt the data. The folder location ID is a hash of the login passphrase. The folder information is encoded as a text string in KV format, as printed when you fill in the text areas and click one of the buttons on the Loom Grid Tutorial page.

Add comment Edit post Add post

Comments (1):

Patrick added encryption

Submitted by on Fri, 04 Jan 2008 02:34:30 GMT

Patrick added encryption to the database storage, with a simpler mechanism than I proposed. Works good for me. Don't know if it makes sense to make it the default. Some operators will prefer to have an auditable database.

I also checked the random number generator that is used by the "Random" buttons in the interface. They all go through one random number module, which uses /dev/urandom. It's cryptographically secure, though not quite as truly random as /dev/random, but /dev/random can block while it collects entropy, which is not good for web server responsiveness.

Edit comment

Add comment Edit post Add post

Previous Posts:
Forty Second Boyd and the Big Picture
2008 Presidential Endorsement
Remington to Acquire Marlin Firearms
Marlin's New XL7 Bolt Action Rifle
Extradition Hearing To Begin January 21
Quote
New Bush Coins
Loom Electronic Accounting System
Money as Debt
Airport profilers: They're watching your expressions

Navigation

History

Quotes

Government doesn't work. Never did. Never will. Can't. But there are lots of good people. Love them.

-- Bill St. Clair

The Atlanta Declaration

Every man, woman, and responsible child has an unalienable individual, civil, Constitutional, and human right to obtain, own, and carry, openly or concealed, any weapon -- rifle, shotgun, handgun, machinegun, anything -- any time, any place, without asking anyone's permission.

-- L. Neil Smith

Reread that pesky first clause of the Second Amendment. It doesn't say what any of us thought it said. What it says is that infringing the right of the people to keep and bear arms is treason. What else do you call an act that endangers "the security of a free state"? And if it's treason, then it's punishable by death. I suggest due process, speedy trials, and public hangings.

-- L. Neil Smith

A Penalty Clause for the Bill of Rights

Any official, appointed or elected, at any level of government, who attempts, through legislative act or other means, to nullify, evade, or avoid the provisions of the first ten amendments to this Constitution, or of the Thirteenth Amendment, shall be summarily removed from office, and, upon conviction, deprived of all pay and benefits including pension, and sentenced to imprisonment for life.

-- L. Neil Smith

Based on 253 journal articles, 99 books, 43 government publications, and some of its own empirical work, the panel couldn't identify a single gun control regulation that reduced violent crime, suicide or accidents.

-- John Lott, commenting on the National Academy of Sciences report on gun control laws.

Who is a libertarian?

Zero Aggression Principle ("Zap")

"A libertarian is a person who believes that no one has the right, under any circumstances, to initiate force against another human being, or to advocate or delegate its initiation. Those who act consistently with this principle are libertarians, whether they realize it or not. Those who fail to act consistently with it are not libertarians, regardless of what they may claim."

-- L. Neil Smith

(Formerly called the "Non-Aggression Principle", or "NAP")

Why Did It Have to be... Guns?

Make no mistake: all politicians -- even those ostensibly on the side of guns and gun ownership -- hate the issue and anyone, like me, who insists on bringing it up. They hate it because it's an X-ray machine. It's a Vulcan mind-meld. It's the ultimate test to which any politician -- or political philosophy -- can be put.

If a politician isn't perfectly comfortable with the idea of his average constituent, any man, woman, or responsible child, walking into a hardware store and paying cash -- for any rifle, shotgun, handgun, machinegun, anything -- without producing ID or signing one scrap of paper, he isn't your friend no matter what he tells you.

If he isn't genuinely enthusiastic about his average constituent stuffing that weapon into a purse or pocket or tucking it under a coat and walking home without asking anybody's permission, he's a four-flusher, no matter what he claims.

What his attitude -- toward your ownership and use of weapons -- conveys is his real attitude about you. And if he doesn't trust you, then why in the name of John Moses Browning should you trust him?

-- L. Neil Smith

Concise

"Tell me," I was once asked, "What do you think about gun control? Give me the short answer." To which I replied, "If you try to take our firearms we will kill you."

-- Mike Vanderboegh

Also from The Atlanta Declaration:

... like going to the bathroom, breathing, eating, sleeping, or making love, it turns out that self-defense is a bodily function one cannot safely or effectively delegate to a second party.

-- L. Neil Smith

This does not mean that "Marijuana should be available by prescription." It means that morphine sulfate should be available in five pound bags at the supermarket for a couple of bucks, like sugar... but probably in a different aisle, to avoid confusion.

-- Vin Suprynowicz

If you refuse to pay unjust taxes, your property will be confiscated. If you attempt to defend your property, you will be arrested. If you resist arrest, you will be clubbed. If you defend yourself against clubbing, you will be shot dead. These procedures are known as the Rule of Law.

-- Edward Abbey

The state can only survive as long as a majority is programmed to believe that theft isn't wrong if it's called taxation or asset forfeiture or eminent domain, that assault and kidnapping isn't wrong if it's called arrest, that mass murder isn't wrong if it's called war.

-- Bill St. Clair