[messaging] Google End-to-End plans on using key directories with a CT-like verification protocol

Joseph Bonneau jbonneau at gmail.com
Thu Aug 28 15:47:00 PDT 2014

On Thu, Aug 28, 2014 at 6:17 PM, David Leon Gil <coruus at gmail.com> wrote:

> The issue is that usernames are extremely guessable. I think that
> Joseph Bonneau had some stats on this in his thesis.

Unfortunately I don't (I have stats in my thesis on the distribution of
*human* names, not email addresses). Email addresses are unique, unlike
passwords or names, so it's a slightly different statistical problem from
what I've worked extensively on the theory side of. Doesn't really
matter -- bottom line is if you can try a few million guesses for plausible
email addresses, you'll probably harvest a large number regardless of the
hashing regime involved.

Using a strengthened hash is of course preferable to nothing, as Tony
points out there are other ways to harvest email addresses and we can claim
this is no worse.

Still, we're basically having the DNSSEC zone-walking debate again here.
Hashing helps in both cases but we are slightly changing the privacy
aspects of email addresses/subdomains with a new security feature. Maybe
people shouldn't have relied on either thing being private to begin with,
but this new proposal does change things and that needs to be carefully
thought about.
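
Added example, not part of the original message or of the End-to-End project: an exposure audit a directory operator could run against its own hashed index, showing that a strengthened hash raises the cost per guess but does not change which guessable addresses are recoverable. The addresses, name lists, salt, iteration count and the 5M guess figure are constructed, and the fixed public salt is an assumption (lookups by hash have to be deterministic).

```python
import hashlib
import itertools
import time

# Constructed sample data: none of these addresses or names come from the thread.
DOMAIN = "example.org"
USERS = ["alice.smith", "bob.jones", "carol.lee", "x7q-vault-93k"]
FIRST = ["alice", "bob", "carol", "dave"]
LAST = ["smith", "jones", "lee", "kim"]

def fast_hash(addr: str) -> bytes:
    return hashlib.sha256(addr.encode()).digest()

def slow_hash(addr: str, iterations: int = 2000) -> bytes:
    # Assumption: lookups must be deterministic, so the salt is public and fixed.
    return hashlib.pbkdf2_hmac("sha256", addr.encode(), b"directory-salt", iterations)

def build_index(hash_fn):
    """What a directory would publish: hashes only, no addresses."""
    return {hash_fn(f"{u}@{DOMAIN}") for u in USERS}

def candidates():
    """Plausible first.last addresses, standing in for a large guess list."""
    for first, last in itertools.product(FIRST, LAST):
        yield f"{first}.{last}@{DOMAIN}"

def audit(hash_fn):
    """Return (addresses recoverable from the index, seconds per guess)."""
    index = build_index(hash_fn)
    guesses = list(candidates())
    start = time.perf_counter()
    found = {g for g in guesses if hash_fn(g) in index}
    per_guess = (time.perf_counter() - start) / len(guesses)
    return found, per_guess

if __name__ == "__main__":
    for name, fn in (("sha256", fast_hash), ("pbkdf2", slow_hash)):
        found, per_guess = audit(fn)
        hours = per_guess * 5_000_000 / 3600  # constructed guess budget
        print(f"{name}: {len(found)}/{len(USERS)} exposed, ~{hours:.2f} h for 5M guesses")
```

Only the address that matches no naming pattern stays hidden under either hash; the slow hash changes the hours figure, not the exposed set.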
