Re: [hiprg] Adding Identity privacy to HIP DEX

Tobias Heer <heer@cs.rwth-aachen.de> Wed, 06 April 2011 07:46 UTC

Return-Path: <heer@informatik.rwth-aachen.de>
X-Original-To: hiprg@core3.amsl.com
Delivered-To: hiprg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E08C93A6987 for <hiprg@core3.amsl.com>; Wed, 6 Apr 2011 00:46:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.801
X-Spam-Level:
X-Spam-Status: No, score=-4.801 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_DE=0.35, HELO_MISMATCH_DE=1.448, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id wSG+mVZ9d-jj for <hiprg@core3.amsl.com>; Wed, 6 Apr 2011 00:46:37 -0700 (PDT)
Received: from mta-2.ms.rz.rwth-aachen.de (mta-2.ms.rz.RWTH-Aachen.DE [134.130.7.73]) by core3.amsl.com (Postfix) with ESMTP id 815EB3A68D6 for <hiprg@irtf.org>; Wed, 6 Apr 2011 00:46:37 -0700 (PDT)
MIME-version: 1.0
Content-transfer-encoding: 7BIT
Content-type: text/plain; charset=us-ascii
Received: from ironport-out-1.rz.rwth-aachen.de ([134.130.5.40]) by mta-2.ms.rz.RWTH-Aachen.de (Sun Java(tm) System Messaging Server 6.3-7.04 (built Sep 26 2008)) with ESMTP id <0LJ8003H70CK5OD0@mta-2.ms.rz.RWTH-Aachen.de> for hiprg@irtf.org; Wed, 06 Apr 2011 09:48:20 +0200 (CEST)
X-IronPort-AV: E=Sophos;i="4.63,309,1299452400"; d="scan'208";a="104751765"
Received: from relay-auth-1.ms.rz.rwth-aachen.de (HELO relay-auth-1) ([134.130.7.78]) by ironport-in-1.rz.rwth-aachen.de with ESMTP; Wed, 06 Apr 2011 09:48:20 +0200
Received: from umic-i4-137-226-45-197.nn.rwth-aachen.de ([unknown] [137.226.45.197]) by relay-auth-1.ms.rz.rwth-aachen.de (Sun Java(tm) System Messaging Server 7.0-3.01 64bit (built Dec 9 2008)) with ESMTPA id <0LJ8007R20CKQI30@relay-auth-1.ms.rz.rwth-aachen.de> for hiprg@irtf.org; Wed, 06 Apr 2011 09:48:20 +0200 (CEST)
From: Tobias Heer <heer@cs.rwth-aachen.de>
In-reply-to: <4D9BB180.6010007@htt-consult.com>
Date: Wed, 06 Apr 2011 09:48:22 +0200
Message-id: <C1AF7C92-12F0-44F2-807A-728C133FCE0B@cs.rwth-aachen.de>
References: <4D9BB180.6010007@htt-consult.com>
To: Robert Moskowitz <rgm@htt-consult.com>
X-Mailer: Apple Mail (2.1082)
Cc: hiprg@irtf.org
Subject: Re: [hiprg] Adding Identity privacy to HIP DEX
X-BeenThere: hiprg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "Host Identity Protocol \(HIP\) Research Group" <hiprg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/listinfo/hiprg>, <mailto:hiprg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/hiprg>
List-Post: <mailto:hiprg@irtf.org>
List-Help: <mailto:hiprg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/hiprg>, <mailto:hiprg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Apr 2011 07:46:39 -0000

Hi Robert,

Am 06.04.2011 um 02:19 schrieb Robert Moskowitz:

> I faded early this evening and woke up in the middle of the night (hey, I am in Stockholm right now, it is 2am) with perhaps a wild idea that may make some sense.
> 
> I forfeited Identity privacy and PFS in DEX with moving the HI to ECDH and that ECDH exchange as the extent of the public key crypto in DEX.
> 
> Here is my thought.  The Initiator has TWO ECDH key pairs.  One is the HI, the other is an identity privacy key (IPK?).  I2 uses the IPK on the 'outside' with the HI encrypted for an 'inner' ECDH protected exchange.  The responders HI is still exposed.  It is ASSUMED that this is acceptable and that the Initiator has some mechanism to validate this HI to avoid a DH MITM.
> 
> I don't know if this is worth the effort to flesh out.  I have lots of other work to do on HIP-bis, HIP-DEX, core, and some Verizon projects.  So I am asking here if others see Identity privacy as important enough to persue it?
> 

Is your assumption that the outer DH exchange is not a static one? If it were static, you don't win much because the host can be identified by the outer DH key. If it is not a static DH, the host needs to generate a new DH key pair for each DEX. This can become quite costly.

Interesting idea, though!

Tobias


> 
> _______________________________________________
> hiprg mailing list
> hiprg@irtf.org
> https://www.irtf.org/mailman/listinfo/hiprg

-- 
Dipl.-Inform. Tobias Heer, Ph.D. Student
Chair of Communication and Distributed Systems - comsys
RWTH Aachen University, Germany
tel: +49 241 80 207 76
web: http://www.comsys.rwth-aachen.de/team/tobias-heer/
blog: http://dtobi.wordpress.com/
card: http://card.ly/dtobi
pgp id: AEECA5BF