[Privacy-pass] context unlinkability

Nikita Borisov <nikita.borisov@cloudflare.com> Tue, 09 May 2023 16:48 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/privacy-pass/I40SqX3vgbrDIWP8c0NhEiavG3w>

The current architecture document defines three types of unlinkability
(Origin-Client, Attester-Origin, and Issuer-Client). These maintain client
privacy within any single context. However, I think an important
property of privacy pass protocols is that the issuance (and attestation!)
contexts should be unlinkable to the redemption context. This is actually
mentioned in the Overview under point 5, but it isn't listed among privacy
goals. I added a pull request (361) to add this property to the
architecture document.

I think this is important because without it, an issuance protocol that
adds, e.g., a serial number to each issued token which MUST be shown at
redemption time would still satisfy the three original unlinkability
properties.

Thanks,
- Nikita
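
The serial-number scenario from the message above, as an added example that is not part of the original message or of the Privacy Pass drafts: an issuer-chosen serial shown at redemption lets anyone holding both logs join issuance to redemption, while a client-blinded value does not. The toy RSA key, the function names and the log layout are all assumptions made for illustration.

```python
import secrets
from math import gcd

# Constructed toy RSA key from two Mersenne primes; far too small for real use.
P, Q, E = 2**31 - 1, 2**61 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))

def sign(m):
    return pow(m, D, N)

def verify(m, sig):
    return pow(sig, E, N) == m

def issue_with_serial(issuer_log, issuance_ctx):
    """Issuer picks the serial, so it sees the exact value shown at redemption."""
    serial = secrets.randbelow(N - 2) + 2
    issuer_log.append((issuance_ctx, serial))
    return serial, sign(serial)

def issue_blind(issuer_log, issuance_ctx):
    """Client picks the nonce and blinds it; the issuer only sees nonce * r^E."""
    nonce = secrets.randbelow(N - 2) + 2
    r = secrets.randbelow(N - 2) + 2
    while gcd(r, N) != 1:
        r = secrets.randbelow(N - 2) + 2
    blinded = nonce * pow(r, E, N) % N
    issuer_log.append((issuance_ctx, blinded))
    return nonce, sign(blinded) * pow(r, -1, N) % N  # client unblinds

def redeem(origin_log, redemption_ctx, token):
    value, sig = token
    if not verify(value, sig):
        raise ValueError("invalid token")
    origin_log.append((redemption_ctx, value))

def link(issuer_log, origin_log):
    """Join the two logs on any value that appears in both contexts."""
    seen = {value: ctx for ctx, value in issuer_log}
    return [(seen[v], rctx) for rctx, v in origin_log if v in seen]

def run(issue):
    issuer_log, origin_log = [], []
    clients = ["client-A", "client-B", "client-C"]  # constructed issuance contexts
    tokens = [issue(issuer_log, c) for c in clients]
    for i, token in enumerate(reversed(tokens)):     # redeemed in a different order
        redeem(origin_log, f"visit-{i}", token)
    return link(issuer_log, origin_log)
```

Both schemes produce tokens that verify at the origin; only the log join distinguishes them, which is the gap a context-unlinkability goal is meant to close.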