[messaging] Masking contact addresses with ECDH
mail at bharr.is
Mon Feb 29 12:25:05 PST 2016
On 1 Mar 2016 7:11 am, "Tony Arcieri" <bascule at gmail.com> wrote:
> On Monday, February 29, 2016, Ben Harris <mail at bharr.is> wrote:
>> What if I were to take the scalar and raise it to [the field prime minus
2] mod the prime?
> If the answer to that question is the original point, then I guess the
scheme is worthless...
The multiplicitive inverse of the original scalar.
But your scheme could just be Alice publishing a random R and also the
hash/HMAC of each contact using R as key.
Though it looks to only protect an attacker from determining if two people
share contacts if the majority of public keys are secret/unpublished. An
attacker with a directory of contacts can unblind everything.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Messaging