Re: [MLS] Deniability as external to the MLS protocol
Sofía Celi <cherenkov@riseup.net> Fri, 13 November 2020 15:02 UTC
Return-Path: <cherenkov@riseup.net>
X-Original-To: mls@ietfa.amsl.com
Delivered-To: mls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 893533A0D7B for <mls@ietfa.amsl.com>; Fri, 13 Nov 2020 07:02:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, RCVD_IN_MSPIKE_H3=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=riseup.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2gKp4r12THcT for <mls@ietfa.amsl.com>; Fri, 13 Nov 2020 07:02:09 -0800 (PST)
Received: from mx1.riseup.net (mx1.riseup.net [198.252.153.129]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 44E383A0D75 for <mls@ietf.org>; Fri, 13 Nov 2020 07:02:09 -0800 (PST)
Received: from capuchin.riseup.net (capuchin-pn.riseup.net [10.0.1.176]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (Client CN "*.riseup.net", Issuer "Sectigo RSA Domain Validation Secure Server CA" (not verified)) by mx1.riseup.net (Postfix) with ESMTPS id 4CXhWn49ZWzFmZp for <mls@ietf.org>; Fri, 13 Nov 2020 07:01:52 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=riseup.net; s=squak; t=1605279717; bh=0GIAKkPANZfhMnxUngVFRC825s8tUt6wkqDxiVZ0QYw=; h=To:References:From:Subject:Date:In-Reply-To:From; b=Igo9XWzVSy1WutUQ/sq94tMWfOMd5ixmXVfATigL5nuO7tBHf4kXCqGmsl05SD07t nFuJvJsJIwi0Pwyks8VMvCbP3WECKLK+tm42h0gQ8xnwgzaeROCUOyXL5S9/F9hOhq 93+SRqH+dqkuNUvCV2JVLvgrosQUbQOYw7cjUPtA=
X-Riseup-User-ID: 2DDA9DB24B96720AC64D0C03D19DD87DA51ECD4544C7348EC19BE6B24106DEF0
Received: from [127.0.0.1] (localhost [127.0.0.1]) by capuchin.riseup.net (Postfix) with ESMTPSA id 4CXhWh0Trcz8tn9 for <mls@ietf.org>; Fri, 13 Nov 2020 07:01:40 -0800 (PST)
To: mls@ietf.org
References: <CAL02cgTUQLwfOAhxT94AURD6Dog_1H9=bvC6c3Nox1Q8g7Nb7g@mail.gmail.com> <CAJoqpTKC-Wi4BoZG8NaYH6ixq90kk151m-Ex1qTO2H-dP0Qtuw@mail.gmail.com> <96652990-A5DD-4D5C-8B79-73656A0C10C7@wire.com>
From: Sofía Celi <cherenkov@riseup.net>
Message-ID: <a71d2649-52f4-430f-d3c6-4ca0b10678a2@riseup.net>
Date: Fri, 13 Nov 2020 15:01:38 +0000
MIME-Version: 1.0
In-Reply-To: <96652990-A5DD-4D5C-8B79-73656A0C10C7@wire.com>
Content-Type: text/plain; charset="utf-8"
Content-Language: en-US
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/mls/FitDfKtiyB6VIq7QTmJdIxDUh-0>
Subject: Re: [MLS] Deniability as external to the MLS protocol
X-BeenThere: mls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Messaging Layer Security <mls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/mls>, <mailto:mls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/mls/>
List-Post: <mailto:mls@ietf.org>
List-Help: <mailto:mls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/mls>, <mailto:mls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 13 Nov 2020 15:02:11 -0000
Dear all, As you know, we had many discussions on deniability and solving this problem is not an easy task, as evidence of this thread. To make sure we can work on this optional feature in the future, without modifying the core protocol, we believe that there are no changes needed to be added to the core protocol. Some minor relaxing of the phrasing in the document might be useful, though, and might help for future features as well, so I have submitted PR #437 (https://github.com/mlswg/mls-protocol/pull/437). This rephrasing should allow deniability of application messages by allowing the usage of deniable signature keys. Please, let us know of any comments regarding it. Thank you, -- Sofía Celi @claucece http://claucece.github.io/ Cryptographic research and implementation at many places, but mainly at Cloudflare FAB9 3EDC 7CDD 1198 DCFD 4558 91BB 6B45 6F44 2D02
- [MLS] Deniability as external to the MLS protocol Richard Barnes
- Re: [MLS] Deniability as external to the MLS prot… Chelsea Komlo
- Re: [MLS] Deniability as external to the MLS prot… Raphael Robert
- Re: [MLS] Deniability as external to the MLS prot… Sofía Celi
- Re: [MLS] Deniability as external to the MLS prot… Raphael Robert
- Re: [MLS] Deniability as external to the MLS prot… Benjamin Beurdouche
- Re: [MLS] Deniability as external to the MLS prot… Natanael