IETF Logo Mail Archive

Re: [Mimi] Metadata Minimal MIMI (MIMIMI)

Raphael Robert <ietf@raphaelrobert.com> Sun, 07 April 2024 17:50 UTC

Return-Path: <ietf@raphaelrobert.com>
X-Original-To: mimi@ietfa.amsl.com
Delivered-To: mimi@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B7CC7C14F5FF for <mimi@ietfa.amsl.com>; Sun, 7 Apr 2024 10:50:33 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.095
X-Spam-Level:
X-Spam-Status: No, score=-7.095 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=raphaelrobert.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Hh3tUop45lmC for <mimi@ietfa.amsl.com>; Sun, 7 Apr 2024 10:50:29 -0700 (PDT)
Received: from mail-wr1-x42e.google.com (mail-wr1-x42e.google.com [IPv6:2a00:1450:4864:20::42e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 03CF2C14F5F7 for <mimi@ietf.org>; Sun, 7 Apr 2024 10:50:28 -0700 (PDT)
Received: by mail-wr1-x42e.google.com with SMTP id ffacd0b85a97d-33ff53528ceso2975844f8f.0 for <mimi@ietf.org>; Sun, 07 Apr 2024 10:50:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=raphaelrobert.com; s=rr; t=1712512227; x=1713117027; darn=ietf.org; h=references:to:cc:in-reply-to:date:subject:mime-version:message-id :from:from:to:cc:subject:date:message-id:reply-to; bh=3gOgEAeHQdnpSZBJ3y7RLMVa11ghYZH3HCoP+btrGPA=; b=eHHqu/U6sQEsUDAOr6VPlFh+hUL7Iyl4gJEvNdVRHVx77oD8NrGtxDabCxWMapL7ON 05WODPLTsVfKa2SDU2Rp2rkJOqM01o1WU9nerdIkjcM5SD1YvSd42+BU8K+BylMi1MHp iMKxpHjTR6DwqGdS+SdqvzDLwQOE/zQwZmI/o=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1712512227; x=1713117027; h=references:to:cc:in-reply-to:date:subject:mime-version:message-id :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=3gOgEAeHQdnpSZBJ3y7RLMVa11ghYZH3HCoP+btrGPA=; b=NunpcTNJu3ufco2gyLk6dT+MYqEma5IrzCgEQ26j/t1O4GKzlTYtJDFViKgNNWWxZ8 x6EPidyi7TsfnQOIsv1ou0db9mrXBJwBa3/0hY4MkCH9wKh9ytjry9NG6C5Jz7MVfK9d iyYiW6gCn182pUYpShiEiCZJXyATb/N30l2lo0xZ7MYyIZzVhhG5hAOvAqnxC8FxTQ0v wXYlh01mvoYzQtGOoLN7/RQeOZpRHP/p5aUy5GvTuQohYC03A/kzjVyh3PSjERVNpamY KDGbLJ8kmi7hLC/iZfSzOE5/6qfssD+FBVFxM+MgWKqPB9efbFGDparxgdCc3RbNdtKe rI7w==
X-Forwarded-Encrypted: i=1; AJvYcCUk6WV9jYFTEM/OOey1urAZtJW7UPIiT8LoXYyKBzsmTP/kSAXXO5BCuEx9xMMeEdpENFJ0Ib2XzwDIet+w
X-Gm-Message-State: AOJu0YyscmYrzhn3izHndpQQlVEWtijwPN7c75tqbpxlMdYoYkkGowyL ZzMygJPdXNhi9aJGk+kqJwB20jWZcdiUDCfwzOMxz0c1oxTmqXUr1Xp+hkShjoI=
X-Google-Smtp-Source: AGHT+IH3288cZTqNcjwaa/xpHTVo/zWAiQHohiX7owurxst6FlYUKH/H79zPzgMYiQ7Rd+pt0fO0GA==
X-Received: by 2002:adf:f192:0:b0:343:b5dd:f6a6 with SMTP id h18-20020adff192000000b00343b5ddf6a6mr5364160wro.4.1712512226666; Sun, 07 Apr 2024 10:50:26 -0700 (PDT)
Received: from smtpclient.apple (dynamic-2a01-0c22-b10a-3c00-44ba-aba7-9805-a0fd.c22.pool.telefonica.de. [2a01:c22:b10a:3c00:44ba:aba7:9805:a0fd]) by smtp.gmail.com with ESMTPSA id z17-20020a5d4c91000000b00343cc702c56sm7072943wrs.47.2024.04.07.10.50.26 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128); Sun, 07 Apr 2024 10:50:26 -0700 (PDT)
From: Raphael Robert <ietf@raphaelrobert.com>
Message-Id: <0855CD0E-7A7C-4F0D-B90C-5F48A5A36B5A@raphaelrobert.com>
Content-Type: multipart/alternative; boundary="Apple-Mail=_3394E7D6-99D0-4159-9720-70D5C1EF1B0F"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3774.500.171.1.1\))
Date: Sun, 07 Apr 2024 19:50:15 +0200
In-Reply-To: <CAKoiRua3Z2JwMGeN2aHswKtyhDSnCJT++kS7JkioVPQtC7n4mQ@mail.gmail.com>
Cc: Konrad Kohbrok <konrad.kohbrok@datashrine.de>, mimi@ietf.org
To: Rohan Mahy <rohan.mahy@gmail.com>
References: <8381F4BA-4E8E-4CE0-9FEF-20CEDD30A2CC@datashrine.de> <CAKoiRua3Z2JwMGeN2aHswKtyhDSnCJT++kS7JkioVPQtC7n4mQ@mail.gmail.com>
X-Mailer: Apple Mail (2.3774.500.171.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/mimi/xEcbtLQn6PQXOpIVJI2Dpd1B3F8>
Subject: Re: [Mimi] Metadata Minimal MIMI (MIMIMI)
X-BeenThere: mimi@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: More Instant Messaging Interoperability <mimi.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mimi>, <mailto:mimi-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mimi/>
List-Post: <mailto:mimi@ietf.org>
List-Help: <mailto:mimi-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mimi>, <mailto:mimi-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 07 Apr 2024 17:50:33 -0000

Hi Rohan,

Thanks for the feedback, see my comments inline:

> Could you elaborate a bit more about the bearer token construction please?

At this point this is an abstract mechanism that allows Bob to fetch Alice’s KeyPackages by proving to the server he knows Alice (i.e. they have established a connection). We’ll follow up with a concrete proposal, but there’s probably more than one way to achieve that.

> I am concerned about the use of last-resort KeyPackages, suggested in the draft but I don't think they is necessary. If Alice and Bob want to communicate and can scan a unique joining code, exchange a joining code out-of-band, or get introduced via a trusted third party, then either of them can bootstrap the conversation with a unique KP. Once they are established, adding each other to new groups using new distinct pseudonyms is fairly straightforward. 

The last-resort KPs only come into play if one party hasn’t been online for a long time. Note that this isn’t specific to the low metadata proposal, but there’s a potential impact on privacy in this case. There is simply no way to guarantee unique KPs, unless clients upload an infinite amount of them. Hopefully we can improve the potential privacy impact going forward.

> In another model we use for anonymous communication, Alice is, for example, a journalist working on a tip line and Bob is a whistleblower. Bob uses an ephemeral pseudonym to get a KP from Alice and authenticates her strong identity in the KP. Bob forms a two-client group and sends one message to Alice asking for an anonymous connection, possibly including an intro teaser to Alice. (Alice must be prepared to get many bogus requests on a tip line). If Alice decides to continue communicating with Bob, Alice and Bob provide new ephemeral pseudonyms and KPs inside their temporary group. If Bob trusts that Alice is honest, they end up with a new group containing them whose pseudonyms are uncorrelated to their real identity or Bob's introduction identity. 

It’s maybe worth reiterating the scope of the proposal: the metadata minimization is specific to the metadata seen by operators. This is not an attempt to hide metadata from conversation participants or to achieve a form of deniability. I see that as interesting, but entirely orthogonal problems. What you describe above can possibly be achieved with the VCs you mentioned in the past, as there is no particular restriction on credentials that comes with our proposal.

Thanks

Raphael

> 
> thanks,
> -rohan
> 
> 
> 
> On Fri, Apr 5, 2024, 05:34 Konrad Kohbrok <konrad.kohbrok@datashrine.de <mailto:konrad.kohbrok@datashrine.de>> wrote:
>> Hi folks,
>> 
>> Raphael and I just uploaded an I-D with a proposal that sketches a pseudonym-based MIMI variant that aims to reduce MIMI’s metadata footprint. You can find it here: https://datatracker.ietf.org/doc/draft-kohbrok-mimi-metadata-minimalization/
>> 
>> We have been working on this approach for a while now and have already implemented and run a variant of what’s described in the I-D.
>> 
>> The I-D is quite high-level for now to make the concepts easier to grasp. If people are interested we can fill in gaps and add details in the next iterations.
>> 
>> Looking forward to continuing the discussion around metadata in the context of MIMI and any questions regarding our I-D!
>> 
>> Cheers,
>> Konrad
>> 
>> -- 
>> Mimi mailing list
>> Mimi@ietf.org <mailto:Mimi@ietf.org>
>> https://www.ietf.org/mailman/listinfo/mimi
> -- 
> Mimi mailing list
> Mimi@ietf.org
> https://www.ietf.org/mailman/listinfo/mimi

v2.23.0 | Report a Bug | By Email