[Pearg] Hints of a "CAP Theorem" for identity?

"David R. Oran" <daveoran@orandom.net> Tue, 15 August 2023 12:17 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/pearg/vnO4aTtAe21C2LFkmhLiDUGiYck>
List-Id: Privacy Enhancements and Assessment Proposed RG <pearg.irtf.org>

https://arxiv.org/pdf/2308.02202.pdf

Abstract:
Trolls, bots, and sybils distort online discourse and compromise the security of networked platforms. User identity is central to the vectors of attack and manipulation employed in these contexts. However it has long seemed that, try as it might, the security community has been unable to stem the rising tide of such problems. We posit the Ghost Trilemma, that there are three key properties of identity—sentience, location, and uniqueness—that cannot be simultaneously verified in a fully-decentralized setting. Many fully-decentralized systems—whether for communication or social coordination—grapple with this trilemma in some way, perhaps unknowingly. In this Systematization of Knowledge (SoK) paper, we examine the design space, use cases, problems with prior approaches, and possible paths forward. We sketch a proof of this trilemma and outline options for practical, incrementally deployable schemes to achieve an acceptable tradeoff of trust in centralized trust anchors, decentralized operation, and an ability to withstand a range of attacks, while protecting user privacy.