[messaging] Encrypted Pulic Contact Discovery

steve at actor.im steve at actor.im
Wed Aug 26 22:13:50 PDT 2015

If you saying that hashing can't help from bruteforcing, then why at least TextSecure, Wickr protomoe hashing of phone book as one of secure features? Why need to hash phones then?

19.08.2015, 20:34, "Moxie Marlinspike" <moxie at thoughtcrime.org>:
> On 08/19/2015 08:26 AM, steve at actor.im wrote:
>>  Hello everyone!
>>  Just finished small article about one idea of secure contact
>>  discovery:
>>  https://medium.com/@ex3ndr/encrypted-public-contact-discovery-95cfa0a0f6c7
> Publishing the entire directory is one approach to PIR, but it won't
> scale on mobile with an even moderately sized user base. We started out
> using a bloom filter for RedPhone, which is more space efficient than a
> directory of hashes and encrypted tokens, and have already hit the limit.
> For what it's worth, I wrote a small summary of techniques and why none
> of them work at scale here:
> https://whispersystems.org/blog/contact-discovery/
> Using PBKDF2 also won't stop someone from inverting your entire
> directory, since the preimage space is so small. If that's an important
> feature, encrypted bloom filters are probably a better option, since
> that at least allows you to rate limit server-side and is thus no worse
> than traditional contact intersection. But, again, it won't scale.
> - moxie
> --
> http://www.thoughtcrime.org
> _______________________________________________
> Messaging mailing list
> Messaging at moderncrypto.org
> https://moderncrypto.org/mailman/listinfo/messaging

More information about the Messaging mailing list