The Mathematical Mesh is a user centered Public Key Infrastructure that uses cryptography o make computers easier to use.¶
The Mesh uses cryptography and an untrusted cloud service to make management of computer configuration data transparent to the end user. Each Mesh user has a personal profile that is unique to them. A user may link devices and applications to their Mesh profile to enable transparent sharing of data between them. Previous PKIs such as PKIX/X.509 and the PGP Web of Trust were designed to establish trust between users. The Mesh is the first open PKI to be focused on the problem of establishing trust between a collection of devices belonging to the same user.
Alice has a laptop computer and a tablet. They are both linked to her Mesh profile which allows either to be used for email or to control any devices in her smart home. Alice has chosen to only make her cloud documents available on her laptop but she could change that to add her tablet should the need arise
The Mesh allows devices connected to a profile to be provisioned with all the network configuration settings and credentials to enable the device to be used with the user's applications. In most cases, public key credentials will be provisioned to enable transport layer and end-to-end encryption.
All Mesh profiles are authenticated using digital signatures and all private material protected using industry standard end-to-end encryption. Representing the security and configuration properties of all the devices Alice owns in a consistent format makes it possible to provide Alice with tools to manage them.
Mesh profiles are typically published to a Mesh portal, an untrusted cloud service that provides mailbox-like capabilities to enable a seamless user experience for users who do not necessarily have an 'always on' machine to act as a broker for profile management operations. Sophisticated users MAY operate a personal Mesh portal should they choose.
Mesh portals MAY in turn be members of a federation exchanging updates, thus providing users with a guarantee of continued service should the portal they selected become unavailable. Each portal belonging to a federation maintains a local linked hash notary log to which all transactions are recorded. The outputs from each local portal log are in turn periodically (e.g. once an hour) enrolled in a meta-log maintained by the federation as a group. Thus ensuring that no Portal belonging to a federation can defect un-noticed unless the entire federation defects.
The Mesh cloud provides two functions to users:
The process of connecting devices is simple. When Alice alice buys a new desktop computer, she installs the mesh profile manager app and gives it her Mesh Portal account, which looks like a familiar, easy to remember email address. The tablet presents a connection request authentication fingerprint to Alice and posts a connection request to the Mesh portal. To complete the connection, Alice uses a device that has already been connected to her profile and granted administration privilege. She checks that the two fingerprints are the same and approves the request if so.
One of the most important advantages of using the Mesh for Alice is that from this point on, all her device configuration settings are stored in a form that she has absolute control over. Far too often does the application designer casually throw away all the user's careful choices.
One of the core discoveries of the World Wide Web is that getting the naming system right is the key to getting all else right.
In 1992, HTTP and FTP did not offer dramatically different functionality. What made the difference was that HTTP made use of a naming system that eliminated the need for user interaction. To use FTP, the user must log in to the remote machine, navigate to the desired directories on the host and remote systems, select the file transfer type and issue the appropriate upload or download commands. HTTP is simply 'click and done'.
The Web introduced a dramatically powerful new user interaction model for data but the security model that accompanied it is trapped in the FTP mode of thinking. When a user connects to the site, the browser first connects to the DNS to discover the IP address of the host. It is only after the host has been contacted and the certificate of the service presented that the trust authority (the Certificate Authority that issued the certificate) is involved.
In the Mesh trust model, the primary role of the CA is to provide introductions. When the user first visits the site, to buy goods, the site (and often the vendor it belongs to) is unknown. At this point, the user is looking to the Authority to help decide if they wish to purchase from.
This mode of interaction, trust after first use is already familiar to users of SSH. In the Mesh trust model we look to make use of all the security tools available to us.
The naming system is described in greater detail in draft-hallambaker-sin.