On 28/08/13 02:44 AM, radi...@gmail.com wrote:
Zooko's triangle, pet names...we have cracked the THEORY of secure naming, just 
not the big obstacle of key exchange.

Perhaps in a sense of that, I can confirm that we may have an elegant theory but practice still eludes us. I'm working with a design that was based on pure petnames & ZT, and it does not deliver as yet.

One part of the problem is that there are too many things demanding names, which leads to addressbook explosion. I have many payment vehicles, many instruments, and in a fuller system, many identities. Each demanding at least one petname.

And so do my many counterparties. A second part of the problem is that petnames are those I give myself to some thing, but in some definitional sense, I never export my petnames (which is from which they derive their security). Meanwhile, the owner of another thing also has a name for it which she prefers to communicate about, so it transpires that there is a clash between her petname and my petname. To resolve this I am exploring the use of nicknames, which are owner-distributed names, in contrast to petnames which are private names.

Which of course challenges the user even more as she now has two namespaces of subtle distinction to manage. Kerckhoffs rolls six times in his grave.

Then rises the notion of secured nicknames, as, if Alice can label her favourite payment receptacle "Alice's shop" then so can Mallory. Doh! Introduction can resolve that in theory, but in practice we're right back to the world of identity trickery and phishing. So we need a way to securely accept nicknames, deal with clashes, and then preserve that security context for the time when someone wishes to pay the real Alice. Otherwise we're back to that pre-security world known as secure browsing.

Then, map the privacy question over the above mesh, and we're in a traffic analyst's wetdream. One minor advantage here is that, presswise, we only need to do a little better than Bitcoin, which is no high barrier ;)

In sum, I think ZT has inspired us. It asks wonderfully elegant questions, and provides a model to think about the issues. Petnames and related things like capabilities answer a portion of those questions, but many remain. Implementation challenges!

... And I don't think the wider public was concerned/scared enough to care 
before Snowden. Let's hope they care long enough to adopt any viable solutions 
to the problem that might pop up in the wake of all this. The traffic on this 
list the past week is a very welcome thing.

Yes. I was never scared of the NSA. But the NSA and the FBI and the DEA and every local police force ... that's terrifying. That's a purer essence of terror, far worse than terrorism. We need a new word.


The cryptography mailing list

Reply via email to