hashed user IDs [was: Re: Security of the gpg private keyring?]
expires2011 at ymail.com
Wed Mar 2 02:05:10 CET 2011
-----BEGIN PGP SIGNED MESSAGE-----
On Tuesday 1 March 2011 at 1:54:25 AM, in
<mid:4D6C51D1.6030908 at fifthhorseman.net>, Daniel Kahn Gillmor wrote:
> However, i'm quite serious about the flaws paralleling
> the failures of NSEC3 to prevent DNS zone enumeration.
> the problem space is slightly different, but i think
> the math comes out about the same in terms of the cost
> of trying to brute force these things.
> Ultimately, i think Hashed User IDs provide only weak
> benefit against the equivalent of zone enumeration
> through the keyservers (which is presumably the goal),
> so understanding these arguments and providing a
> convincing refutation of them (or outlining an entirely
> different benefit) is probably the first task someone
> would need to take on.
My analogy, admittedly not a direct comparison, would be having a
phone number that is ex-directory. It is no defence against random
dialling, nor against your number being recorded from outgoing calls
if you don't take steps such as withholding the CLI, nor against
somebody who has your number passing it on without your permission.
Despite these failings there is still benefit in being ex-directory.
> Having a hashed User ID alongside your non-hashed User
> ID provides no benefit at all
Those of us who use different email addresses with different contacts
(and/or periodically change email addresses) might generate a hashed
user ID for each email address, maybe with a non-hashed user-id for
our name. Similarly with role-based user IDs, a user might have their
name in a non-hashed UID but use hashed UIDs for their roles.
MFPA mailto:expires2011 at ymail.com
Is it possible to be a closet claustrophobic?
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----
More information about the Gnupg-users