IETF Logo Mail Archive

Re: [Privacy-pass] The harms of popular bits

Steven Valdez <svaldez@google.com> Thu, 21 March 2024 01:31 UTC

Return-Path: <svaldez@google.com>
X-Original-To: privacy-pass@ietfa.amsl.com
Delivered-To: privacy-pass@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2077EC14CF1A for <privacy-pass@ietfa.amsl.com>; Wed, 20 Mar 2024 18:31:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.605
X-Spam-Level:
X-Spam-Status: No, score=-17.605 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, ENV_AND_HDR_SPF_MATCH=-0.5, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001, USER_IN_DEF_DKIM_WL=-7.5, USER_IN_DEF_SPF_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=google.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4ez2CxnwB6ku for <privacy-pass@ietfa.amsl.com>; Wed, 20 Mar 2024 18:31:34 -0700 (PDT)
Received: from mail-io1-xd2b.google.com (mail-io1-xd2b.google.com [IPv6:2607:f8b0:4864:20::d2b]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 08FEFC14F61C for <privacy-pass@ietf.org>; Wed, 20 Mar 2024 18:31:33 -0700 (PDT)
Received: by mail-io1-xd2b.google.com with SMTP id ca18e2360f4ac-7c7ee7fa1d8so14126939f.1 for <privacy-pass@ietf.org>; Wed, 20 Mar 2024 18:31:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1710984692; x=1711589492; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=uoJ0NWo5p7FXzgFQTAEMJihMs2Fm8roEKDzhqj+rg4k=; b=WC+Uc8qvfz0yh0kRfggWIWfHMxOiDvNCXSEGpb/cgq0pZZouwep/Ajo7nLhGoRC8SL ub4EFFvl2xbYiTb5u3YZSif7vvoDHPrI5yE0j7Dxnu9ehtbvUS36CnGG9W1EM/nsMKiv 1LUzGPwEimfEbFE6rxOqWMKzfUhe1jINMTi9BbCi5lVhxkONGMdArEsuy9Gz0se56FQ8 oJO9tjifRHwTuAz5+k+qTruhgEOcwqVYeX7nxASwqGv0C23hoBqToD3jpxFjtTPzUTxJ XR/K9A294t3W2boshMohmTaHFNzfOKw+kV6W1zOdL8jvUPuDeSjCjkWg3kb/9t9WA2lE Imsg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1710984692; x=1711589492; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=uoJ0NWo5p7FXzgFQTAEMJihMs2Fm8roEKDzhqj+rg4k=; b=Qz7SrRKZgpA7jmV//wdgz4quUlZ6t1LyfPkh4TYt//U9ahwii7huOVqxuzvVlwLk7H UYKLX1k/LfyDXT9nc6voUunCSvZaFuGMce170xeT4s3PTQvGJLNnlWEOKuw3KnL0s3Ka qQUgrrqk98bPastIxL8xqroqrov4CKc+M8a3MhrOO2guBeTcmQe37dcka3SF+S/aaj6s b5+PI1esHa/FjBGKrlP1ayQP1jnSbwu5wXbhtZGDqFb7wk/T/Ckknz1269FBW5JF/krr r7IYLiOisISmUuRPa6cFxRQdW1MWynSXhCRKU6ur/Fv97UXBNkIZIiZq9SzjokkfJlKG A//g==
X-Forwarded-Encrypted: i=1; AJvYcCUhyBc7uZUaRt8HV4GA1ZFSVOh1VOlrcLY/I1GAmRhjHXvb1ADV0pS0y9t9h86STaOz9uJ5PnyE3R5T+8D2l+31KScXFtw=
X-Gm-Message-State: AOJu0Yz6Kz0iJCvhNkHsXqc8T69YUlDRiYu5kvXMYS3nJeSYD4yjgl+c jg0ELU7nKVG4t75nPhvxhDMbCUwYxk1HKHWQVjJixBNKwmylLwiSf16us42Tq3swTvhqcWmu++6 C+4ITMK6NLzK3r6J1jWe1GGGt0CxUdo9TI5em
X-Google-Smtp-Source: AGHT+IHj0HrXqndxEvm0TLJX6pJcqb4tPVRK7HiTQiLoUDq++vGGSLLuKxjBCwM7OLfrnZNsOKuXVUkNqMZXQRm2YP0=
X-Received: by 2002:a5d:9398:0:b0:7cf:202:50f with SMTP id c24-20020a5d9398000000b007cf0202050fmr672018iol.13.1710984691859; Wed, 20 Mar 2024 18:31:31 -0700 (PDT)
MIME-Version: 1.0
References: <CACsn0ck4whpCv+nnHDVOaa-kEW4a7OMx1PgCpFpfdQb=gX0_sw@mail.gmail.com> <85657569-B01B-4F2A-94F5-B171B36BCCF6@apple.com>
In-Reply-To: <85657569-B01B-4F2A-94F5-B171B36BCCF6@apple.com>
From: Steven Valdez <svaldez@google.com>
Date: Thu, 21 Mar 2024 11:31:18 +1000
Message-ID: <CANduzxDhy-nCYowvNaJNqcoxAhxA6yCbWStoZnNWFB4-keAe+g@mail.gmail.com>
To: Tommy Pauly <tpauly=40apple.com@dmarc.ietf.org>
Cc: Watson Ladd <watsonbladd@gmail.com>, privacy-pass@ietf.org
Content-Type: multipart/alternative; boundary="000000000000c6c654061421aacc"
Archived-At: <https://mailarchive.ietf.org/arch/msg/privacy-pass/atZhmj4tBkD8vvInB_rBj8hpbm8>
Subject: Re: [Privacy-pass] The harms of popular bits
X-BeenThere: privacy-pass@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Privacy Pass Protocol <privacy-pass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/privacy-pass>, <mailto:privacy-pass-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/privacy-pass/>
List-Post: <mailto:privacy-pass@ietf.org>
List-Help: <mailto:privacy-pass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/privacy-pass>, <mailto:privacy-pass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Mar 2024 01:31:35 -0000

I'm not sure that the unified vs split model makes a meaningful difference
for this particular problem? In both cases, it's a question of whether the
client trusts the attester on what it is using to make its attestation.
Whether the issuer is the same server or split doesn't change what the
issuer can see without collusion with the attester. The bigger difference
is whether you do have a set of trusted attesters versus a wider set of
less trustworthy attesters and then how you measure the impact of those
differences.

On Thu, Mar 21, 2024 at 9:37 AM Tommy Pauly <tpauly=
40apple.com@dmarc.ietf.org> wrote:

> I do think that the model (unified attester+issuer vs split
> attester/issuer) does make a difference here. If the client (*via trust*)
> has a better awareness of (a) what it discloses to the attester and (b)
> what the common properties and size of of the anonymity set through that
> attester are, then there is far less ability to have the bit be linked to
> unwanted characteristics. I.e., if I’m using an attester that is used by an
> Apple device, I know that the bit that I’m expressing from the Attester to
> the Issuer (if I trust it not to leak more) is that I’m on a particular
> device type, and then that the bit to the origins is the combination of
> that bit with the bits of all other Attesters the Issuer trusts.
>
> Tommy
>
> On Mar 20, 2024, at 11:26 PM, Watson Ladd <watsonbladd@gmail.com> wrote:
>
> Dear privacy pass WG,
>
> I think the discussion of harms in the web context missed the issue, which
> I'll admit was rather subtly presented. Issuers might not be issuing tokens
> based on attributes like bot or not but rather characteristics such as race
> or religion we'd prefer not to. This even happens innocently.
>
> Using private state tokens as an example social networks and dating sites
> have a lot of information about user interaction and humanity as a result.
> But I don't think we want sites to hunt for tokens from dating sites that
> may be oriented to particular demographics.
>
> This can even happen unintentionally. If you have some sort of model
> looking at how users interact based on the bits you have and then selecting
> offers to show based on it this can end up discriminating even though the
> bit officially means human. It's just who issued it reveals more than that,
> even if they issue often.
>
> I hope this clarifies the remarks I made at the mic.
>
> Sincerely,
> Watson
> --
> Privacy-pass mailing list
> Privacy-pass@ietf.org
> https://www.ietf.org/mailman/listinfo/privacy-pass
>
>
> --
> Privacy-pass mailing list
> Privacy-pass@ietf.org
> https://www.ietf.org/mailman/listinfo/privacy-pass
>


-- 

 Steven Valdez |  Chrome Privacy Sandbox |  svaldez@google.com |  Cambridge,
MA

v2.23.0 | Report a Bug | By Email