[messaging] Do Blockchains solve Zooko's triangle? (was: Another Take At Public Key Distribution)

Tony Arcieri bascule at gmail.com
Thu Jul 23 16:25:38 PDT 2015


On Thu, Jul 23, 2015 at 4:17 PM, Tao Effect <contact at taoeffect.com> wrote:

> The security requirements for end-to-end encryption leave us with an
> unfortunate tradeoff known as Zooko's triangle[1] (the CAP theorem[2] of
> security?): we do not know how to build a global secure directory of
> human-chosen usernames.
>
>
> I think we’ve known how to build such a directory since 2011 at least, see
> Aaron Swartz’ post:
>
> http://www.aaronsw.com/weblog/squarezooko
>
> Which led to Namecoin, etc.
>

It's questionable as to whether this approach actually fulfills the
"Secure" part of Zooko's triangle.

Namely, Blockchains fork/clobber accepted writes because they're not
partition tolerant (they sacrifice "P" in CAP, and are therefore considered
broken by the distributed systems community[1][2]). So it's possible to
MitM name registration, exploit the split brain/partitioned state of the
network to claim a name on someone else's behalf, and trick people who are
trying to look up keys by a human meaningful name into accepting an
attacker's key.

Perhaps clients could detect the network partition and attempt to surface
some sort of warning to the user, but this seems like it would have a high
false positive rate as network partitions on an Internet scale are rather
frequent.

[1] https://eprint.iacr.org/2014/765.pdf
[2] http://codahale.com/you-cant-sacrifice-partition-tolerance/
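
The fork/clobber behaviour described in this message, as an added toy model that is not part of the original post or of any real blockchain's code. The block layout, the `resolve` and `fork_choice` helpers, the key strings and the `min_conf` confirmation-depth check are all assumptions made for illustration.

```python
# Toy model (constructed for illustration): a block is a list of
# (name, key) registrations; the first registration of a name on a chain wins.
GENESIS = [[("bob", "key-bob")]]

def resolve(chain, name, min_conf=1):
    """Return the key bound to name, or None if the binding is missing
    or buried under fewer than min_conf blocks (its own block included)."""
    for height, block in enumerate(chain):
        for reg_name, key in block:
            if reg_name == name:
                depth = len(chain) - height
                return key if depth >= min_conf else None
    return None

def fork_choice(a, b):
    """Longest-chain rule: on heal, every node adopts the longer branch."""
    return a if len(a) >= len(b) else b

def partition_scenario():
    # Side A: the legitimate owner registers "alice", one more block follows.
    side_a = GENESIS + [[("alice", "key-owner")], []]
    # Side B: a different party registers the same name; this side is longer.
    side_b = GENESIS + [[("alice", "key-other")], [], [], []]
    seen_during_split = resolve(side_a, "alice")   # what a side-A client accepts
    healed = fork_choice(side_a, side_b)
    seen_after_heal = resolve(healed, "alice")     # side A's write is clobbered
    # A client demanding 6 confirmations rejects both bindings at this point.
    cautious = (resolve(side_a, "alice", min_conf=6),
                resolve(healed, "alice", min_conf=6))
    return seen_during_split, seen_after_heal, cautious

if __name__ == "__main__":
    during, after, cautious = partition_scenario()
    print("accepted during split:", during)
    print("resolved after heal:  ", after)
    print("with min_conf=6:      ", cautious)
```

A confirmation-depth threshold such as `min_conf` only delays acceptance; it does not help when the partition outlasts that many blocks.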