Re: [Cfrg] I updated 3 drafts related to a FSU KeyEX

Stephen Farrell <stephen.farrell@cs.tcd.ie> Thu, 28 April 2016 10:01 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: cfrg@ietfa.amsl.com
Delivered-To: cfrg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D037412B01E for <cfrg@ietfa.amsl.com>; Thu, 28 Apr 2016 03:01:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.297
X-Spam-Level:
X-Spam-Status: No, score=-5.297 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, RP_MATCHES_RCVD=-0.996, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hLf-E643pgZ9 for <cfrg@ietfa.amsl.com>; Thu, 28 Apr 2016 03:01:55 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 2FDD512B010 for <cfrg@irtf.org>; Thu, 28 Apr 2016 03:01:55 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id B3483BE75; Thu, 28 Apr 2016 11:01:53 +0100 (IST)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DwkXRGfub5g7; Thu, 28 Apr 2016 11:01:47 +0100 (IST)
Received: from [10.87.49.100] (unknown [86.46.24.231]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 3545BBE50; Thu, 28 Apr 2016 11:01:47 +0100 (IST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1461837707; bh=gHYFWXoANQpmf7cDCn0lWjbVZmStKWH6wfdakKJ1GWU=; h=Subject:To:References:From:Date:In-Reply-To:From; b=gVVVnMBA+K2eOcJvmyVT8PoPfDej3Y/X1Wed3RW23tPJ42Rsi2mSvWgmiXgJ9pSWf z/xqWxARpJql3cOWvigoRPXhDa/0zvw+xa8nJX2qunuiOusf5dlCi66tesu+U1zJ/b K7K9YI/dTzA2fsttcnxnTsxu29TGXeQ9/mvpNU5Q=
To: Michael Scott <mike.scott@miracl.com>, "cfrg@irtf.org" <cfrg@irtf.org>
References: <57208A04.4070804@po.ntts.co.jp> <7a3f5420-db18-496b-af32-e490bf6d0d80@akr.io> <CAEseHRqYNGhGaA+8HhUFDNxLc2WU=5GJf+om52RRuWwtEHUhmg@mail.gmail.com> <5721D74E.3010407@cs.tcd.ie> <CAEseHRppt9hcj9Rwkz1VCf8prxnVDjCCyBXbBWiO2-rUTp97jA@mail.gmail.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=D66EA7906F0B897FB2E97D582F3C8736805F8DA2; url=
Message-ID: <5721DF8A.3090203@cs.tcd.ie>
Date: Thu, 28 Apr 2016 11:01:46 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.7.2
MIME-Version: 1.0
In-Reply-To: <CAEseHRppt9hcj9Rwkz1VCf8prxnVDjCCyBXbBWiO2-rUTp97jA@mail.gmail.com>
Content-Type: multipart/signed; protocol="application/pkcs7-signature"; micalg="sha-256"; boundary="------------ms080406080905060006040904"
Archived-At: <http://mailarchive.ietf.org/arch/msg/cfrg/EA6fYo1t-NvnVsq655qECupdpR8>
Subject: Re: [Cfrg] I updated 3 drafts related to a FSU KeyEX
X-BeenThere: cfrg@irtf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Crypto Forum Research Group <cfrg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/cfrg>, <mailto:cfrg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/cfrg/>
List-Post: <mailto:cfrg@irtf.org>
List-Help: <mailto:cfrg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/cfrg>, <mailto:cfrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 28 Apr 2016 10:01:58 -0000

Hiya,

On 28/04/16 10:54, Michael Scott wrote:
> Hello Stephen,
> 
> 
> On Thu, Apr 28, 2016 at 10:26 AM, Stephen Farrell <stephen.farrell@cs.tcd.ie
>> wrote:
> 
>>
>> Hi Mike,
>>
>> On 28/04/16 09:35, Michael Scott wrote:
>>> Maybe the more accurate phrase "n uniquely attractive targets" where
>>> n=2,3,4... doesn't carry quite the same punch!
>>
>> I'm sorry, but for me, it does have exactly the same
>> punch. If there are key generators, they can collude
>> or be coerced. Or even more likely, in a realistic
>> commercial Internet-scale deployment, it's quite likely
>> all of them (even if operated by different entities)
>> may be running on one or two mega-hosting platform,
>> so there may well be only one thing to break into
>> even if it looks like N things.
>>
> 
> Well I guess you would have to take care not to do it like that!

Easier said than done these days though.

And aside from crypto, collusion, coercion and all of that,
it's just way way harder to deploy some application that
depends on a currently non-existent infrastructure which we'd
like to be provided by independent entities.

For all their faults, we have the web PKI and DNS and I
guess BTC has the blockchain. If IBE depends on another
similar piece of infrastructure being created then I
reckon that's another nail in the coffin. (My belief is
that such bits of infrastructure only get created when
many stars align, and is basically unpredictable.)

For me, it's kinda like PAKEs - really cool math, but
the overall system benefit is nowhere near as cool.

S.

> 
> Mike
> 
> 
> 
>>
>> From my POV, the mandatory key escrow aspect of IBE
>> is basically fatal for all but possibly some small
>> set of niche applications.
>>
>> Cheers,
>> S.
>>
>>
>>
> 
> 
> 
> _______________________________________________
> Cfrg mailing list
> Cfrg@irtf.org
> https://www.irtf.org/mailman/listinfo/cfrg
>