hashed user IDs [was: Re: Security of the gpg private keyring?]

Robert J. Hansen rjh at sixdemonbag.org
Wed Mar 9 14:24:12 CET 2011

On 3/9/2011 8:11 AM, Ben McGinnes wrote:
> Personally, I think it's an interesting idea and I can see the value
> in it, but I'm not sure there are enough people really pushing for it
> (yet).  With things like the data retention legislation being pushed
> in Europe, Australia and other countries, that may change.

It seems like this is really close to asking for private stream
searching, which would be the next logical step -- some way for the
client to query the database for a record in such a way there is no way
for the database to know what was queried.  This may sound alluring, but
it's an ephemera.  The current best-known PSS algorithm requires about
one zebibyte of traffic to do a ten-character ASCII search.

These sorts of blinded searches are really tempting, but there are
enormous theoretical hurdles to be cleared.  I would respectfully
suggest that if any discussion moves to PSS-type functionality, that
discussion be headed off at the pass.  :)

("Private searching on streaming data" by R. Ostrovsky: PDF available at
