IETF Logo Mail Archive

Re: [Endymail] [messaging] Mesh/Recrypt

Phillip Hallam-Baker <phill@hallambaker.com> Tue, 23 August 2016 02:57 UTC

Return-Path: <hallam@gmail.com>
X-Original-To: endymail@ietfa.amsl.com
Delivered-To: endymail@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 74E2812D1A2 for <endymail@ietfa.amsl.com>; Mon, 22 Aug 2016 19:57:48 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.597
X-Spam-Level:
X-Spam-Status: No, score=-2.597 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.001, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RT5pcuA3mp91 for <endymail@ietfa.amsl.com>; Mon, 22 Aug 2016 19:57:46 -0700 (PDT)
Received: from mail-qk0-x22d.google.com (mail-qk0-x22d.google.com [IPv6:2607:f8b0:400d:c09::22d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9A738124281 for <endymail@ietf.org>; Mon, 22 Aug 2016 19:57:46 -0700 (PDT)
Received: by mail-qk0-x22d.google.com with SMTP id v123so95995092qkh.2 for <endymail@ietf.org>; Mon, 22 Aug 2016 19:57:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=O93CzImOdRSAQbHZoHJWp3DB1pHMimNExNskX3rxeQA=; b=XnYp6Eet4idJLU95s34eknPn+1Mn266kGrSuSbxZrlwNzb8CX+vFP6ZEXDBXxyQzao acmc1S8W4rOyinA2XW9KrFxXbYomz7OQYc9IxupItc3XyqDCaZygu+WUywrXcWYaMv6l 5aq5Y04u7Y3d+ylAbME7AMTAAT261J7AohVDTburu1zwgf3eoD2TawUW+DS9hSP5Tx2y z+XFTyn7+82pQaOYp8Y2NxZDRlRHnhGk3isCSvmcnQgj2l+P2/9ZpACnBhmhMlyKnG9E zzULNlCrXYRGrJqGrV5ligG8wicHi7N/5RJcaPebNqX50+26lhbU8ubnTpyvorTOiNS1 Yefw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=O93CzImOdRSAQbHZoHJWp3DB1pHMimNExNskX3rxeQA=; b=LIAvI0Tr1IRE0JDp3KoA3a/m0/aRozCZeJUD+lC5pNMwTW4BlSbjvD0AdGZT3DEE9l eJGii586jdhV5J7CUBRKEux7keDVo2v4NCWP72evyt8FA4gO1fjRPEcXoLBaYxuIWyfv j8kyrdWo+rm2X9PBHA6XP6bJeN3Qr60thsgLTaCnbjcHb307LxphH4WyI0u6KmBni3Vf q44m/CyoOt/ZhGkpj5pxs9ABQnLtWlgSjzBudW+Q0IUISTiAX+a/bSq6HGcHk/o43yOj OhfBi7O3fOYdRRlhB3oIHLtUzulJV0F7joIA+6u8IcP6YhbcAr66/U9402sjHEVuoSiS RhQw==
X-Gm-Message-State: AEkoouvO/k7C0MSc5+biq5ZHPgVAPtroeoKZfPWNwXf3yDF+HbajSThazfRKP6uSIH6aBXy4Gc56q+2v/wsEyA==
X-Received: by 10.55.186.65 with SMTP id k62mr27493365qkf.204.1471921065703; Mon, 22 Aug 2016 19:57:45 -0700 (PDT)
MIME-Version: 1.0
Sender: hallam@gmail.com
Received: by 10.55.158.211 with HTTP; Mon, 22 Aug 2016 19:57:45 -0700 (PDT)
In-Reply-To: <CAHOTMVKwHcqF3g_YDAJeTm6gQU8FrwF6O1KYaqqf+_O6M33HXw@mail.gmail.com>
References: <CAHOTMV+iHOPEzmCcngZP1aO71hKDTGkARPvWSStJ_FDhhVE+xg@mail.gmail.com> <CAMm+LwithiP7pfdyLz8BB0m=pNk6VyYxzvypdzDhA_mq03_PRA@mail.gmail.com> <CAHOTMVKwHcqF3g_YDAJeTm6gQU8FrwF6O1KYaqqf+_O6M33HXw@mail.gmail.com>
From: Phillip Hallam-Baker <phill@hallambaker.com>
Date: Mon, 22 Aug 2016 22:57:45 -0400
X-Google-Sender-Auth: NFT051DSRsGfbhxWh4PL36KAHGA
Message-ID: <CAMm+LwjSQQZ1dajrhsY_JybBgmH9wctW5YqzXq7a6NbN9tbHFw@mail.gmail.com>
To: Tony Arcieri <bascule@gmail.com>
Content-Type: multipart/alternative; boundary="94eb2c0441ce423ec0053ab45445"
Archived-At: <https://mailarchive.ietf.org/arch/msg/endymail/FJSj1dbtQqSy7UoqQqNDEqetAwA>
Cc: endymail <endymail@ietf.org>
Subject: Re: [Endymail] [messaging] Mesh/Recrypt
X-BeenThere: endymail@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: <endymail.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/endymail>, <mailto:endymail-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/endymail/>
List-Post: <mailto:endymail@ietf.org>
List-Help: <mailto:endymail-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/endymail>, <mailto:endymail-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 23 Aug 2016 02:57:48 -0000

On Mon, Aug 22, 2016 at 10:48 PM, Tony Arcieri <bascule@gmail.com> wrote:

> On Mon, Aug 22, 2016 at 4:48 PM, Phillip Hallam-Baker <
> phill@hallambaker.com> wrote:
>
>> ​I suggested followups to the endymail@ietf.org mailing list rather than
>> CFRG though.
>>
>
> Ok, CC'd! That said, here's a followup:
>
> I was kind of confused why you cite RFC7748, but then go on to explain
> things in terms of classical Diffie-Hellman.
>

​A limitation in my development environment​. I have classical DH and NIST
curves. But I don't have the new curves or the abilty to do the EC math
outside the crypto library so I can't to the recryption at the mo.


As far as an ECC-based approach goes, I think something like the multiparty
> Signal protocol[1] is a good starting point for how to solve the general
> problem, and, as far as I can tell, addresses most of the concerns you
> cited as a motivation.
>
> The specific approach you detailed could be adapted to ECC as well.
>
> [1] I'm not sure there's a more recent overview than this, which is
> probably out-of-date: https://whispersystems.org/blog/private-groups/
>
>
​The math is very similar and they can probably adapt very easily. The
difference is that their problem statement is for synchronous communication
with all the parties present for the key exchange. Recryption allows the
asynchronous case to be supported as well.

The CDC problem is essentially the problem of how do I mark a document with
a security label in a way that the administrator of the security label can
grant access to a new reader by adding them to the label.

I will read up on that though, thanks!​

v2.23.0 | Report a Bug | By Email