Re: [CFRG] I-D Action: draft-irtf-cfrg-rsa-blind-signatures-02.txt

Chelsea Komlo <ckomlo@uwaterloo.ca> Mon, 30 August 2021 03:00 UTC


Here are some high-level notes and one specific recommendation.


I recommend adding to Section 8.6 a discussion of U-Prove [1] and how the broader goals of this draft (use of blind signatures to address the shortcomings of VOPRFs) relate to the design of U-Prove.


I also recommend including a short discussion of practical/desired extensions to Privacy Pass and how/if these extensions can be accommodated by Blind RSA. For example, including public metadata such as expiration timestamps, etc.


Section 5.1.1


"The blinding factor r must be randomly chosen from a uniform distribution. This is typically done via rejection sampling."


Is this not implied by the function random_integer_uniform?


Best,

Chelsea


[1] https://www.microsoft.com/en-us/research/project/u-prove/



________________________________
From: CFRG <cfrg-bounces@irtf.org> on behalf of Stanislav V. Smyshlyaev <smyshsv@gmail.com>
Sent: Thursday, August 5, 2021 10:01:32 PM
To: CFRG
Cc: cfrg-chairs@ietf.org
Subject: Re: [CFRG] I-D Action: draft-irtf-cfrg-rsa-blind-signatures-02.txt

Dear CFRG,

As we discussed during the meeting, Alexey, Nick and I will be happy to have some reviews from the CFRG participants.

Any volunteers to review the draft?

https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-rsa-blind-signatures

Regards,
Stanislav

On Mon, 2 Aug 2021 at 22:25, Christopher Wood <caw@heapingbits.net> wrote:
On Mon, Aug 2, 2021, at 10:29 AM, Ian Goldberg wrote:
> On Mon, Aug 02, 2021 at 08:48:49AM -0700, Christopher Wood wrote:
> > As of now, there are no more outstanding issues against this draft. The editors think this version is feature complete and would welcome additional review. Please send any and all feedback either here on the list or as an issue:
> >
> >    https://github.com/cfrg/draft-irtf-cfrg-blind-signatures/issues
>
> In 8.6, should "Signers can enforce concurrent sessions" be "Signers can
> enforce a limit on concurrent sessions"?

Yep, thanks!

   https://github.com/cfrg/draft-irtf-cfrg-blind-signatures/pull/88

Best,
Chris
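
The rejection sampling that the quoted Section 5.1.1 sentence refers to, shown as an added example that is not part of this thread or of the draft's text. The name random_integer_uniform comes from the message above, but its body here, the helper names, the toy key and the value 65 standing in for the encoded message are all constructed assumptions.

```python
import math
import secrets

def random_integer_uniform(lo, hi, randbits=secrets.randbits):
    """Uniform integer in [lo, hi) via rejection sampling (illustration only)."""
    span = hi - lo
    if span <= 0:
        raise ValueError("empty range")
    k = max(1, (span - 1).bit_length())  # fewest bits that can cover 0..span-1
    while True:
        x = randbits(k)
        if x < span:                     # out-of-range draws are discarded,
            return lo + x                # never folded back with "% span"

def blinding_factor(n, randbits=secrets.randbits):
    """Draw r from [1, n), retrying until r is invertible mod n."""
    while True:
        r = random_integer_uniform(1, n, randbits)
        if math.gcd(r, n) == 1:
            return r, pow(r, -1, n)

def output_counts(span, k, reject):
    """Feed every k-bit value through one sampler step; count each output."""
    counts = [0] * span
    for x in range(2 ** k):
        if not reject:
            counts[x % span] += 1        # modulo reduction: low values favoured
        elif x < span:
            counts[x] += 1               # rejection: each output hit once
    return counts

# Constructed toy key (p=61, q=53); far too small for real use.
N, E, D = 3233, 17, 2753

def blind_sign_roundtrip(m, n=N, e=E, d=D):
    """Textbook RSA blinding; m stands in for the encoded message."""
    r, r_inv = blinding_factor(n)
    blinded = (m * pow(r, e, n)) % n     # client hides m from the signer
    blind_sig = pow(blinded, d, n)       # signer's private-key operation
    return (blind_sig * r_inv) % n       # client removes r

if __name__ == "__main__":
    print(output_counts(5, 3, reject=False), output_counts(5, 3, reject=True))
    sig = blind_sign_roundtrip(65)
    print(sig == pow(65, D, N), pow(sig, E, N) == 65)
```

Passing a stub for `randbits` makes the rejection loop deterministic for testing; the default draws from the operating system's CSPRNG.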
