[messaging] Encrypted Pulic Contact Discovery

Moxie Marlinspike moxie at thoughtcrime.org
Wed Aug 19 10:34:41 PDT 2015

On 08/19/2015 08:26 AM, steve at actor.im wrote:
> Hello everyone!
> Just finished small article about one idea of secure contact
> discovery:
> https://medium.com/@ex3ndr/encrypted-public-contact-discovery-95cfa0a0f6c7

Publishing the entire directory is one approach to PIR, but it won't
scale on mobile with an even moderately sized user base.  We started out
using a bloom filter for RedPhone, which is more space efficient than a
directory of hashes and encrypted tokens, and have already hit the limit.

For what it's worth, I wrote a small summary of techniques and why none
of them work at scale here:


Using PBKDF2 also won't stop someone from inverting your entire
directory, since the preimage space is so small.  If that's an important
feature, encrypted bloom filters are probably a better option, since
that at least allows you to rate limit server-side and is thus no worse
than traditional contact intersection.  But, again, it won't scale.

- moxie


More information about the Messaging mailing list