Re: [hiprg] clarification of identity privacy properties of HIP base exchange
Tobias Heer <heer@cs.rwth-aachen.de> Wed, 16 February 2011 08:59 UTC
Return-Path: <heer@informatik.rwth-aachen.de>
X-Original-To: hiprg@core3.amsl.com
Delivered-To: hiprg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix)
with ESMTP id EAC863A6ABA for <hiprg@core3.amsl.com>;
Wed, 16 Feb 2011 00:59:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.801
X-Spam-Level:
X-Spam-Status: No, score=-4.801 tagged_above=-999 required=5
tests=[BAYES_00=-2.599, HELO_EQ_DE=0.35, HELO_MISMATCH_DE=1.448,
RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com
[127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rXscfrcPvi3X for
<hiprg@core3.amsl.com>; Wed, 16 Feb 2011 00:59:50 -0800 (PST)
Received: from mta-1.ms.rz.rwth-aachen.de (mta-1.ms.rz.RWTH-Aachen.DE
[134.130.7.72]) by core3.amsl.com (Postfix) with ESMTP id 9072B3A6DE4 for
<hiprg@irtf.org>; Wed, 16 Feb 2011 00:59:50 -0800 (PST)
MIME-version: 1.0
Content-transfer-encoding: 7BIT
Content-type: text/plain; charset=us-ascii
Received: from ironport-out-1.rz.rwth-aachen.de ([134.130.5.40]) by
mta-1.ms.rz.RWTH-Aachen.de (Sun Java(tm) System Messaging Server 6.3-7.04
(built Sep 26 2008)) with ESMTP id
<0LGP00MO5D0ITF10@mta-1.ms.rz.RWTH-Aachen.de> for hiprg@irtf.org;
Wed, 16 Feb 2011 10:00:18 +0100 (CET)
X-IronPort-AV: E=Sophos;i="4.60,479,1291590000"; d="scan'208";a="94630478"
Received: from relay-auth-1.ms.rz.rwth-aachen.de (HELO relay-auth-1)
([134.130.7.78]) by ironport-in-1.rz.rwth-aachen.de with ESMTP;
Wed, 16 Feb 2011 10:00:18 +0100
Received: from umic-i4-137-226-45-197.nn.rwth-aachen.de ([unknown]
[137.226.45.197]) by relay-auth-1.ms.rz.rwth-aachen.de (Sun Java(tm) System
Messaging Server 7.0-3.01 64bit (built Dec 9 2008)) with ESMTPA id
<0LGP008Q5D0H7N20@relay-auth-1.ms.rz.rwth-aachen.de> for hiprg@irtf.org;
Wed, 16 Feb 2011 10:00:17 +0100 (CET)
From: Tobias Heer <heer@cs.rwth-aachen.de>
In-reply-to: <A547342C-0202-4600-83AB-4F355E9B29C8@cs.rwth-aachen.de>
Date: Wed, 16 Feb 2011 10:00:20 +0100
Message-id: <8E135455-32E3-4425-BF6D-09F4010F29DE@cs.rwth-aachen.de>
References: <7CC566635CFE364D87DC5803D4712A6C4CED25AE6E@XCH-NW-10V.nw.nos.boeing.com>
<4D5B8982.6040306@hiit.fi>
<A547342C-0202-4600-83AB-4F355E9B29C8@cs.rwth-aachen.de>
To: hiprg@irtf.org
X-Pgp-Agent: GPGMail 1.3.1
X-Mailer: Apple Mail (2.1082)
Subject: Re: [hiprg] clarification of identity privacy properties of HIP base
exchange
X-BeenThere: hiprg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "Host Identity Protocol \(HIP\) Research Group" <hiprg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/listinfo/hiprg>,
<mailto:hiprg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/hiprg>
List-Post: <mailto:hiprg@irtf.org>
List-Help: <mailto:hiprg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/hiprg>,
<mailto:hiprg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 16 Feb 2011 08:59:52 -0000
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 There was a fatal flaw in my punctiation.... Am 16.02.2011 um 09:51 schrieb Tobias Heer: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > >> >>> 2) (fifth and sixth sentence) In what situations can an active attacker learn the key and identity of the Initiator (if the Initiator chooses to encrypt HOST_ID)? Opportunistic mode may be one, but are there others? >> >> I guess in any case when the public key of the recipient is not >> authenticated (e.g. by DNSSEC) and when the initiator attempts >> connecting without taking the ID of Responder from a trusted source. >> (e.g. someone storing own public key in DHT under domain name google.com) >> > The anonymous bit and the concept of pseudonym HIs is useful here. If these are not used, the Initiator authenticates to the public key/ host identity of the host, and thus, knows the HI. > An interesting question is what the "identity" of the Initiator is. > Is it its real-word identity? You need more information to figure this out? This questionmark should certainly be a fullstop. The meanong of the sentence is: > Is it its real-word identity? You need more information to figure this out. I meant that one needs some separate register or some knowledge from previous communication for mapping a HI to an identity. Sorry for any confusion. Tobias - -- Dipl.-Inform. Tobias Heer, Ph.D. Student Chair of Communication and Distributed Systems - comsys RWTH Aachen University, Germany tel: +49 241 80 207 76 web: http://www.comsys.rwth-aachen.de/team/tobias-heer/ blog: http://dtobi.wordpress.com/ card: http://card.ly/dtobi -----BEGIN PGP SIGNATURE----- Version: GnuPG/MacGPG2 v2.0.16 (Darwin) iEYEARECAAYFAk1bkiQACgkQf4eSaa7spb92NQCeI8R3mYdpSX0wCwHORViR95vC sywAn1Zzs2cv3PM4wXNsO5G2SLQq73Tp =Af+W -----END PGP SIGNATURE-----
- [hiprg] clarification of identity privacy propert… Henderson, Thomas R
- Re: [hiprg] clarification of identity privacy pro… Andrei Gurtov
- Re: [hiprg] clarification of identity privacy pro… Tobias Heer
- Re: [hiprg] clarification of identity privacy pro… Tobias Heer
- Re: [hiprg] clarification of identity privacy pro… Henderson, Thomas R