Why hashed User IDs is not the solution to User ID enumeration (was: Re: Creating a key bearing no user ID)

MFPA expires2012 at rocketmail.com
Thu Jan 26 02:02:50 CET 2012 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Hi


On Tuesday 24 January 2012 at 3:21:35 PM, in
<mid:4F1ECC7F.6060108 at fifthhorseman.net>, Daniel Kahn Gillmor wrote:


> What you're looking to do with this proposed
> hashed-user-id scheme is to find a way to avoid
> allowing people to enumerate e-mail addresses or User
> IDs from the data contained on the keyservers.  Right?

That is basically it, yes.



> Certainly, the keyservers will continue to support
> non-digested User IDs, so now tools will need to be
> able to handle both of them; we'll also need a policy
> for end-user agents to answer questions like "when
> looking up this e-mail address, do i send it only in
> digested form to the keyservers for lookup?

That would fail to return keys that had UIDs containing the non-hashed
string, unless the keyservers stored hashes for all plaintext UIDs.



>   or do i
> send it in cleartext form as well, thereby leaking the
> e-mail address to the keyserver operators

Or do I send the hash to one keyserver and the plaintext to another,
thereby doubling the number of enquiries.



> (and to anyone on the network path)?

and use SSL to exclude anyone on the network path?



> Ultimately, i don't think the tradeoffs for this scheme
> are worthwhile for the marginal and limited gain that
> the proposal provides.

Definitely limited; I think of it as little more than a
privacy-enhancing defence against casual snooping rather than a
security measure. But is it really so marginal?



> I'd love to find a solution to
> the User ID enumeration problem, but i don't think
> hashed-user-ids is it.

As I see it, you either:-

include the UIDs in non-human-readable form (e.g. hashed) in the key
that's distributed.

or you distribute UIDs separately from their key.

or when you download a key the copy you get includes only the UID you
requested.

- --
Best regards

MFPA                    mailto:expires2012 at rocketmail.com

An idealist is a person who helps other people to be prosperous
-----BEGIN PGP SIGNATURE-----

iQCVAwUBTyCmQKipC46tDG5pAQrsIgQAlAZLfIcxdbI9DjmHwJlzaMAmIeh4SCgj
P4ZExLyV1srr4kBypd/UqvmeqQddCeoejuigiFzwh42BCTgTrLWbpbAnzcoJTSnE
1Ps8Mg1B29PUH0cbYSrNVyE1ZzUdpGlvxZneWYjzJwLmq3rsqW9lVodIim/ZMR0f
ppmHK42ugr4=
=A7ih
-----END PGP SIGNATURE-----

More information about the Gnupg-users mailing list