Monthly Archives: November 2021

An idea for anonymous blogging

Published / by Andrew

I’m trying to think of a way to have a completely anonymous “blog” of sorts that’s not in the dark web. I’m sure there are already many solutions to this, but my basic idea is using the copypasta format with encryption. The text itself contains what’s needed to maintain the anonymity and it can be copy-pasted anywhere.

And it’s certainly possible that this exact idea or a better version of it is already in use.

My current idea is chaining hashed messages. To be clear, I am not an expert on encryption– This goes by my memory of Cryptology in grad school.

As some background, a hashing algorithm is used to store passwords. (Usually salting and hashing, but we’re only going to be focusing on hashing here.)

A hash is what’s called “one way” encryption. That term can technically mean many things, but in our case we specifically mean that anything can be encrypted, and nothing can be decrypted. So, what’s the point, then? Validation. I can hash something you give me to make sure it matches a value that we already have.

Imagine Rumplestiltskin. He won’t tell me his name, but I can guess as many times as I want. As soon as I get it right, he’ll tell me that I got it right.

The hash value and algorithm are Rumplestiltskin. I can’t get the message out of the hashed value or the algorithm, but as soon as I guess right, they’ll tell me it’s right

It’s validation, and it’s why we use it for passwords. (In practice, it’s more complicated than that, but that’s the idea.) It tells me “This password that this guy gave me matches the hash I have, so it must be right, even though I didn’t know what the password was.”

So, my goal here is to make messages that can spread via copy-paste and we can validate that they all came from the same source. Using the copypasta format (if you can call that a format), anybody can copy-paste it to social media, blog it, email it, print it, whatever. Using a hash algorithm, anybody can validate that all messages came from one source, while the source remains anonymous.

With all the background out of the way, here’s the basic idea: Every message is chained to the previous message using a hash. Essentially, every message has the following format:

{Message content}
{Password that matches previous messages hash.}
{Hash of next password, which will be secret until the next message is released.}

Of course the first message establishes the chain, so it would skip the password matching previous hash, since there is no previous hash.

Every individual message says “You’ll know the next message that comes from me because it’ll have the password that matches this hash.” Nobody will, in theory, be able to guess the password, but everyone will be able to validate it when it comes out.

There is one problem, though. What’s to stop someone else from copying the password and hash, or just the password, for that matter, and falsely claiming the message is linked to that password? Then we’d have two messages that both claim to be from the same source.

Maybe some blockchainy thing could solve that problem, but the only solution that comes to my mind is using a single source of truth from a trusted third-party source. Say, all messages will always be first posted to Pastebin, which I use as an example because you can post to it without an account and via the Tor network. If all messages will always be posted first to pastebin, then the first message to appear with the password will necessarily be the one from the correct source. Failing that, old-fashioned internet sleuthing should be able to find the first message posted with the password.

It’s certainly possible that there are holes in this idea or that it’s already super common and I was just oblivious. (There was one time when I had an idea for a new encryption method and it turned out to be what HBO used in the 80s to encrypt their stream, or something like that.)

I will also almost certainly never use this, myself. I’m not interested in being the type of person that would need something like this. I am no Publius.

But I enjoy thinking through this kind of thing, so I thought I’d share it.