Making Twitter Secure

A student of mine (Michael Jaros) had the interesting idea to use a public key crypto system to encode tweets. The idea is very simple – just encode the tweet with the public key of the person you want to contact on twitter. Let me illustrate this approach with a simple example: Bob wants to write Alice a private message on Twitter. Thus, Bob looks up Alice’s public key and encodes the Tweet with Alice’s public key. Alice receives Bob’s Tweet and decodes it with her private key. Et voilá: Alice got Bob’s message that nobody else can decode to read it.
There are, however, some details to consider. First of all, public key crypto systems need a certain key length to be secure. This results in messages that are longer than 140 Bytes. This is a problem for Twitter, because encoded messages are longer than 140 Bytes. A potential solution is either to break up the message into several Tweets or simply use a different Twitter Server (e.g., Status.net) where you can change the message length. Alternatively, a text hosting service can be used: an encoded message is put on an external text hosting server and the message URL is posted on Twitter.
This approach works well for peer to peer communication (Bob writes Alice encoded messages). If a message has more than one recipient, this approach does not work anymore. Unless the message is encoded several times (using each recipient’s public key) each receiver must have either the same private key. Or, and this is certainly interesting from a mathematical point of view, there is a way to generate a generic public key from the receivers public keys and to encode the message with this “composite-key”. Every owner of a part of the composite key could then decode the message with their respective private key, without the other recipients knowing this.

your ikangai science team

your ikangai science team

, ,
  • Delicious
  • Facebook
  • Digg
  • Reddit
  • StumbleUpon
  • Twitter

Leave a Reply

XHTML: You can use these tags: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>