On Thu, Jul 23, 2015 at 4:17 PM, Tao Effect <[email protected]> wrote:
> The security requirements for end-to-end encryption leave us with an
> unfortunate tradeoff known as Zooko's triangle[1] (the CAP theorem[2] of
> security?): we do not know how to build a global secure directory of
> human-chosen usernames.
>
>
> I think we’ve known how to build such a directory since 2011 at least, see
> Aaron Swartz’ post:
>
> http://www.aaronsw.com/weblog/squarezooko
>
> Which led to Namecoin, etc.
>

It's questionable as to whether this approach actually fulfills the
"Secure" part of Zooko's triangle.

Namely, Blockchains fork/clobber accepted writes because they're not
partition tolerant (they sacrifice "P" in CAP, and are therefore considered
broken by the distributed systems community[1][2]).

So it's possible to MitM name registration, exploit the split
brain/partitioned state of the network to claim a name on someone else's
behalf, and trick people who are trying to look up keys by a human
meaningful name into accepting an attacker's key.

Perhaps clients could detect the network partition and attempt to surface
some sort of warning to the user, but this seems like it would have a high
false positive rate as network partitions on an Internet scale are rather
frequent.

[1] https://eprint.iacr.org/2014/765.pdf
[2] http://codahale.com/you-cant-sacrifice-partition-tolerance/
_______________________________________________
Messaging mailing list
[email protected]
https://moderncrypto.org/mailman/listinfo/messaging
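
The clobbered-write scenario described in the message above, as an added toy simulation (not part of the original post and not Namecoin code). The `Block`, `resolve`, `extend`, `heal` and `simulate` names, the key labels and the `min_confirmations` wait are assumptions made for illustration.

```python
# Toy model (constructed for illustration): a first-come-first-served name
# registry stored on a ledger that resolves forks by the longest-chain rule.
from dataclasses import dataclass

@dataclass(frozen=True)
class Block:
    height: int            # 1-based position in the chain
    registrations: tuple   # ((name, key), ...) accepted in this block

def extend(chain, registrations=()):
    """Return a new chain with one more block appended."""
    return chain + [Block(len(chain) + 1, tuple(registrations))]

def resolve(chain, name, min_confirmations=0):
    """Key bound to `name` by its first registration, or None.
    A block counts only if at least `min_confirmations` blocks follow it."""
    tip = len(chain)
    for block in chain:
        if tip - block.height < min_confirmations:
            break          # this block and all later ones are too shallow
        for n, key in block.registrations:
            if n == name:
                return key
    return None

def heal(chain_a, chain_b):
    """Longest-chain rule: when the partition heals, the shorter fork is dropped."""
    return chain_a if len(chain_a) >= len(chain_b) else chain_b

def simulate():
    common = extend(extend([]))   # two blocks both sides agree on
    # Partition: each side accepts a different first registration of "alice".
    side_a = extend(common, [("alice", "KEY_OWNER")])
    side_b = extend(common, [("alice", "KEY_OTHER")])
    side_b = extend(extend(side_b))   # side B keeps growing faster
    before = resolve(side_a, "alice")             # accepted by a client on side A
    after = resolve(heal(side_a, side_b), "alice")  # side A's write is clobbered
    # Assumed mitigation: refuse bindings that are not buried deep enough.
    # It only helps when the wait outlasts the partition.
    cautious = resolve(side_a, "alice", min_confirmations=6)
    return before, after, cautious

if __name__ == "__main__":
    print(simulate())
```

A client on side A that trusted the binding immediately ends up holding a key the healed network no longer recognises, while the cautious client returns nothing until the block is deep enough.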
