[messaging] Hashing entries in a transparency log

Trevor Perrin trevp at trevp.net
Wed Sep 3 12:26:13 PDT 2014


On Fri, Aug 29, 2014 at 1:43 PM, Eduardo' Vela" <Nava> <evn at google.com> wrote:
>
> Regarding the SPAM problem, on publishing a list of emails vs a derived
> value (scrypt or so): It's a tradeoff of auditability and semi-anonymity. We
> might do it, but we want to be sure sacrificing auditability has been
> thought over before deciding against it.

Yeah, it's questionable how much "semi-anonymity" gets you.

People keep suggesting salt, but I don't think per-user salt is
feasible (different salts could map Bob's address to different hashes,
allowing the log to contain different public keys for Bob).

So it doesn't seem possible to rate-limit lookups via salt, meaning
that confirming email addresses from a Merkle Tree is only limited by
hashing speed.  People would probably reverse most of the addresses,
so this means the difference between publishing, I dunno, 90% of email
addresses versus 100%? (though for targeted users - political
candidates, celebrities, etc, people would tune the searches and have
a higher success rate.)

OTOH, even if hashing worked, I'm not sure if you'd be sacrificing
much "auditability".  I would expect monitors to only be watching logs
for changes to specific addresses, which hashing won't interfere with.

So I guess the difference seems small - in either case, most addresses
(particularly most "interesting" ones) are exposed and monitoring /
auditing works.


Trevor


More information about the Messaging mailing list