I've been aware of the theorem for a while. The complete theorem is a bit more complex, as this is about NXDOMAIN *and* zone enumeration. Basically, you can choose to support NXDOMAIN and not have zone enumeration and then need to do online signing, or you can have NXDOMAIN, support offline signing and allow zone enumeration, OR you can support offline signing, not have zone enumeration, and NOT support NXDOMAIN.
In GNS, we simply do not support NXDOMAIN.

On 01/04/2017 05:22 PM, Jeff Burdges wrote:
>
> Just learned there is a theorem that protecting against zone enumeration
> requires some sort of "online" crypto, assuming you need authentication
> or something. Ask if you want me to try to find a reference.
>
> It came up in a talk on NSEC5 which requires sharing the secret key for
> a verifiable random function (VRF) with the name server, but not the
> zone key.
>
> http://eprint.iacr.org/2016/083
> http://www.cs.bu.edu/~goldbe/papers/nsec5.html
>
> Not sure any of this stuff would be relevant for GNS type schemes.
>
> _______________________________________________
> GNUnet-developers mailing list
> [email protected]
> https://lists.gnu.org/mailman/listinfo/gnunet-developers
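The three options named in the reply above, as an added example that is not part of the original thread or of GNS or NSEC5 code: a toy in-memory zone answers "does not exist" queries with a pre-signed neighbour chain (offline signing), with a gap signed at query time (online signing), or with no denial at all. The zone labels, key, function names and the simplified string ordering are assumptions, and HMAC stands in for a real zone signature.

```python
import bisect, hashlib, hmac

ZONE = sorted(["alpha", "mail", "vpn", "www"])  # constructed sample labels
KEY = b"constructed-demo-key"                   # stand-in for the zone signing key
STATS = {"sign_calls": 0}                       # counts every use of KEY for signing

def sign(owner, nxt):
    # HMAC stands in for a real zone signature over a "nothing between owner and nxt" record.
    STATS["sign_calls"] += 1
    return hmac.new(KEY, f"{owner}>{nxt}".encode(), hashlib.sha256).hexdigest()

def verify(proof):
    # With a real signature scheme this check would use the public zone key.
    owner, nxt, sig = proof
    expected = hmac.new(KEY, f"{owner}>{nxt}".encode(), hashlib.sha256).hexdigest()
    return hmac.compare_digest(sig, expected)

# Offline signing: the chain of adjacent names is signed once, before any query arrives.
PRESIGNED = [(ZONE[i], ZONE[(i + 1) % len(ZONE)], sign(ZONE[i], ZONE[(i + 1) % len(ZONE)]))
             for i in range(len(ZONE))]

def offline_denial(qname):
    # Serve the pre-signed record whose gap covers qname; index -1 is the wrap-around record.
    return PRESIGNED[bisect.bisect_left(ZONE, qname) - 1]

def online_denial(qname):
    # Sign a fresh, minimal gap around qname at query time (simplified string ordering).
    lo = qname[:-1] + chr(ord(qname[-1]) - 1) + "~"
    hi = qname + "!"
    return (lo, hi, sign(lo, hi))

def no_denial(qname):
    # Third option from the reply: no authenticated "does not exist" answer at all.
    return None

def disclosed(answer, queries):
    # Real zone names that a client learns from the denial answers to these queries.
    seen = set()
    for q in queries:
        proof = answer(q)
        if proof:
            seen |= {name for name in proof[:2] if name in ZONE}
    return seen

if __name__ == "__main__":
    probes = ["aaa", "ftp", "ns", "zzz"]  # constructed names that are not in ZONE
    for mode in (offline_denial, online_denial, no_denial):
        print(mode.__name__, sorted(disclosed(mode, probes)))
```

Only the pre-signed chain discloses real zone names, and only the query-time variant needs the signing key on the answering server.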
