Why hashed User IDs is not the solution to User ID enumeration (was: Re: Creating a key bearing no user ID)

MFPA expires2012 at rocketmail.com
Thu Jan 26 02:02:50 CET 2012

Hash: SHA512


On Tuesday 24 January 2012 at 3:21:35 PM, in
<mid:4F1ECC7F.6060108 at fifthhorseman.net>, Daniel Kahn Gillmor wrote:

> What you're looking to do with this proposed
> hashed-user-id scheme is to find a way to avoid
> allowing people to enumerate e-mail addresses or User
> IDs from the data contained on the keyservers.  Right?

That is basically it, yes.

> Certainly, the keyservers will continue to support
> non-digested User IDs, so now tools will need to be
> able to handle both of them; we'll also need a policy
> for end-user agents to answer questions like "when
> looking up this e-mail address, do i send it only in
> digested form to the keyservers for lookup?

That would fail to return keys that had UIDs containing the non-hashed
string, unless the keyservers stored hashes for all plaintext UIDs.

>   or do i
> send it in cleartext form as well, thereby leaking the
> e-mail address to the keyserver operators

Or do I send the hash to one keyserver and the plaintext to another,
thereby doubling the number of enquiries.

> (and to anyone on the network path)?

and use SSL to exclude anyone on the network path?

> Ultimately, i don't think the tradeoffs for this scheme
> are worthwhile for the marginal and limited gain that
> the proposal provides.

Definitely limited; I think of it as little more than a
privacy-enhancing defence against casual snooping rather than a
security measure. But is it really so marginal?

> I'd love to find a solution to
> the User ID enumeration problem, but i don't think
> hashed-user-ids is it.

As I see it, you either:-

include the UIDs in non-human-readable form (e.g. hashed) in the key
that's distributed.

or you distribute UIDs separately from their key.

or when you download a key the copy you get includes only the UID you

- --
Best regards

MFPA                    mailto:expires2012 at rocketmail.com

An idealist is a person who helps other people to be prosperous


More information about the Gnupg-users mailing list