[messaging] MITM-safe communication w/o authentication possible?

Ethan Heilman eth3rs at gmail.com
Sun Nov 29 15:53:21 PST 2015


>No, this is a common fallacy of "identity-based encryption".

Correct me if I'm wrong but my understanding is that IBE is slightly
weaker but more useful than the protocol I described because IBE
places some trust in the PKG. This trust allows IBE to directly
connect identities to cryptographic identities. If a fallacy exists it
is in the protocol I described but not in IBE.

>No human user thinks in terms of contacting cryptographic identities. There is some *implicit* binding here between your contact's idea of who they think you are, vs the cryptographic identifier/key/string that their software is actually performing the cryptographic protocol with.

I agree with what you argue here. I also agree that the system I
described does not work for most typical communication use cases but
the question was:
>"if it can be possible, _at least theoretically_, to have a MITM-secure internet channel without the use of PKI".
The answer is both yes it is theoretically possible and yes there are
atypical but real use cases.

Am I correct in my understanding that .onion addresses work this way?

I would also expect that this could be useful for:

1. self-organizing sensor networks,
2. pseudonymous internet forums (user A wants to send a message to the
user that wrote post X, user A doesn't care about that user's 'true
name'),
3. and cryptocurrency transactions.

On Sun, Nov 29, 2015 at 5:57 PM, Ximin Luo <infinity0 at pwned.gg> wrote:
> On 29/11/15 23:53, Ethan Heilman wrote:
>> It is possible If your identity in a system is directly tied to your
>> public key or some provable secret.
>>
>
> No, this is a common fallacy of "identity-based encryption". No human user thinks in terms of contacting cryptographic identities. There is some *implicit* binding here between your contact's idea of who they think you are, vs the cryptographic identifier/key/string that their software is actually performing the cryptographic protocol with.
>
> One may ignore the problem, push it away to another layer, and/or refuse to use language that allows one to think clearly about the real issues involved; but this does not mean that such issues do not exist.
>
> X
>
> --
> GPG: 4096R/1318EFAC5FBBDBCE
> git://github.com/infinity0/pubkeys.git
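As an added illustration of the scheme discussed in this thread (not code from either poster, and not Tor's actual .onion construction): when the address is derived from the long-term public key, the initiator can check that the key it is handed matches the address, and the key's signature over a fresh nonce and the session key rules out substitution or replay. The address encoding and the minimal handshake here are constructed for the example.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base32"
	"fmt"
	"strings"
)

// SelfCertifyingAddress derives an identifier from a long-term public key, so the
// address itself commits to the key and no CA or PKG has to vouch for the binding.
// Constructed encoding for this example (base32 of sha256(pub)[:20]), not Tor's format.
func SelfCertifyingAddress(pub ed25519.PublicKey) string {
	sum := sha256.Sum256(pub)
	return strings.ToLower(base32.StdEncoding.WithPadding(base32.NoPadding).EncodeToString(sum[:20]))
}

// Hello is the responder's reply to the initiator's fresh nonce.
type Hello struct {
	PubKey     ed25519.PublicKey
	SessionKey []byte // e.g. an ephemeral DH share; opaque bytes here
	Sig        []byte // signature by PubKey over nonce || SessionKey
}

// Respond is run by the address owner: its long-term key binds the session key to the nonce.
func Respond(priv ed25519.PrivateKey, nonce, sessionKey []byte) Hello {
	msg := append(append([]byte{}, nonce...), sessionKey...)
	return Hello{priv.Public().(ed25519.PublicKey), sessionKey, ed25519.Sign(priv, msg)}
}

// Verify is run by the initiator: accept only if the presented key is the one the
// address commits to AND that key signed this nonce and session key. A man in the
// middle can swap the key (address mismatch) or the session key (bad signature), not both.
func Verify(addr string, nonce []byte, h Hello) bool {
	if len(h.PubKey) != ed25519.PublicKeySize || SelfCertifyingAddress(h.PubKey) != addr {
		return false
	}
	msg := append(append([]byte{}, nonce...), h.SessionKey...)
	return ed25519.Verify(h.PubKey, msg, h.Sig)
}

func main() {
	pub, priv, _ := ed25519.GenerateKey(rand.Reader)
	_, mitm, _ := ed25519.GenerateKey(rand.Reader)
	addr, nonce := SelfCertifyingAddress(pub), []byte("constructed-nonce-for-demo")
	fmt.Println(Verify(addr, nonce, Respond(priv, nonce, []byte("share-A"))), // true
		Verify(addr, nonce, Respond(mitm, nonce, []byte("share-M")))) // false: key swapped
}
```

The remaining gap is the one Ximin points out: this only proves you are talking to whoever holds the key behind the address, and says nothing about who that is.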
