[messaging] Reduce identity key exposure in Pond
Ben Harris
mail at bharr.is
Mon Mar 30 23:01:43 PDT 2015
On 31 March 2015 at 13:43, Trevor Perrin <trevp at trevp.net> wrote:
>
> You're also adding a security property that the server's in position
> to violate. An alternative would be for Alice to create separate Pond
> identities when she wants to communicate under different, unlinkable
> pseudonyms. This gives her the possibility of keeping these
> identities unlinked even from the server, so it's arguably a better
> solution for this problem.
>
A third alternative is to drop the <id> and have the server try to validate
the MAC with all the posibilities - the server is still in the position to
violate this too.
Making it easy to create and manage Pond identities sounds like the best
way to go.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://moderncrypto.org/mail-archive/messaging/attachments/20150331/7a4cd4fe/attachment.html>
More information about the Messaging
mailing list