IETF Logo Mail Archive

Re: [Trans] Privacy-preserving proof of sct exclusion

Saba Eskandarian <sabae@stanford.edu> Mon, 27 March 2017 04:17 UTC

Return-Path: <sabae@stanford.edu>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D7F9C1276AF for <trans@ietfa.amsl.com>; Sun, 26 Mar 2017 21:17:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=office365stanford.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zmFpF0r7gboV for <trans@ietfa.amsl.com>; Sun, 26 Mar 2017 21:17:12 -0700 (PDT)
Received: from mx0a-00000d04.pphosted.com (mx0a-00000d04.pphosted.com [148.163.149.245]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B4656126D85 for <trans@ietf.org>; Sun, 26 Mar 2017 21:17:11 -0700 (PDT)
Received: from pps.filterd (m0102889.ppops.net [127.0.0.1]) by mx0a-00000d04.pphosted.com (8.16.0.20/8.16.0.20) with SMTP id v2R4DMAM009103; Sun, 26 Mar 2017 21:17:09 -0700
Received: from mx0b-00000d03.pphosted.com (mx0b-00000d03.pphosted.com [148.163.153.234]) by mx0a-00000d04.pphosted.com with ESMTP id 29dnv3b4fb-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sun, 26 Mar 2017 21:17:08 -0700
Received: from pps.filterd (m0102883.ppops.net [127.0.0.1]) by mx0a-00000d03.pphosted.com (8.16.0.20/8.16.0.20) with SMTP id v2R4FXUR012997; Sun, 26 Mar 2017 21:17:07 -0700
Received: from codegreen6.stanford.edu (codegreen6.stanford.edu [171.67.224.8]) by mx0a-00000d03.pphosted.com with ESMTP id 29dq1324r4-1 (version=TLSv1 cipher=AES256-SHA bits=256 verify=NOT); Sun, 26 Mar 2017 21:17:07 -0700
Received: from codegreen6.stanford.edu (localhost.localdomain [127.0.0.1]) by codegreen6.stanford.edu (Postfix) with ESMTP id 2157146; Sun, 26 Mar 2017 21:17:07 -0700 (PDT)
Received: from NAM02-SN1-obe.outbound.protection.outlook.com (mail-sn1nam02lp0016.outbound.protection.outlook.com [216.32.180.16]) by codegreen6.stanford.edu (Postfix) with ESMTP id B5F8B54; Sun, 26 Mar 2017 21:17:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=office365stanford.onmicrosoft.com; s=selector1-stanford-edu; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=N7M2N4a+/m1rNAv2uSKejeIBrOb/OCn6UKhEQMIDbv8=; b=pjozuwYRPTn3/SpLJnnnDOmqo2F9yIi/b2S+4uit7HLliAqzRFv6ZqvT+EbsOIdEXDWlDqM5026zsoZrCDuG7esbLYZGw6T3NdA31p0HE3D/rLNVPA/85VslwpLo+KcixB2/jFZENMV0FmB4jYtfosQMqVQYHAXPLeTsKODZdT8=
Received: from MWHPR02MB2861.namprd02.prod.outlook.com (10.175.50.136) by MWHPR02MB2862.namprd02.prod.outlook.com (10.175.50.137) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.991.14; Mon, 27 Mar 2017 04:16:53 +0000
Received: from MWHPR02MB2861.namprd02.prod.outlook.com ([10.175.50.136]) by MWHPR02MB2861.namprd02.prod.outlook.com ([10.175.50.136]) with mapi id 15.01.0991.020; Mon, 27 Mar 2017 04:16:53 +0000
From: Saba Eskandarian <sabae@stanford.edu>
To: Ben Laurie <benl@google.com>
CC: "trans@ietf.org" <trans@ietf.org>
Thread-Topic: [Trans] Privacy-preserving proof of sct exclusion
Thread-Index: AQHSpbii8uKV+c47g06WvQijP+zFvqGnVY2AgAC8Fco=
Date: Mon, 27 Mar 2017 04:16:52 +0000
Message-ID: <MWHPR02MB28614CE50312B5F12ABEB91EC3330@MWHPR02MB2861.namprd02.prod.outlook.com>
References: <MWHPR02MB2861B9B66FE5AE28613ECFB5C3310@MWHPR02MB2861.namprd02.prod.outlook.com>, <CABrd9SQDDBmmaOFn5Nk24qe-WyPYJGx02-PrYNPzr+oqd1braQ@mail.gmail.com>
In-Reply-To: <CABrd9SQDDBmmaOFn5Nk24qe-WyPYJGx02-PrYNPzr+oqd1braQ@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=stanford.edu;
x-originating-ip: [2601:647:5400:6400::91e4]
x-microsoft-exchange-diagnostics: 1; MWHPR02MB2862; 7:GxWQ1TEJ9qGogalBEggj799vifB16YboigktmxGCXWPKQLYuBo+Qu0FnBhgNIRR1BZ5IsdcWSDZLM7/iFEmH76XgdsO8nClYIRQmOQ2y/Vs0lEe1b3kzNsbjKP2Fp13/ur5qqJDQEiTG7ntTRwhxPaX163nX1X1CyMu8R/5y3LoLGT+JaGCbC2z6enjiFh/7tGeHCPXv5swWkKGUJujtaVMSX4zGHxF2zEjZSzE9/Yqm2AF3lJUlibPoWF6dgpFZtfd0t43962FCeA2YfO+Ah+L0tWNd7D0tepOdtMxOIZrrpGfYy7Jug0qfjty8uaREFyDKI8N+jHDjcKMLnkxaWw==
x-ms-office365-filtering-correlation-id: c25ea912-3961-497c-1677-08d474c81936
x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(22001)(2017030254075); SRVR:MWHPR02MB2862;
x-microsoft-antispam-prvs: <MWHPR02MB2862BA8FF8120B7410A77B44C3330@MWHPR02MB2862.namprd02.prod.outlook.com>
x-exchange-antispam-report-test: UriScan:(127643986962959)(211936372134217);
x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(6040375)(601004)(2401047)(8121501046)(5005006)(3002001)(10201501046)(6041248)(20161123555025)(20161123564025)(20161123562025)(20161123560025)(20161123558025)(6072148); SRVR:MWHPR02MB2862; BCL:0; PCL:0; RULEID:; SRVR:MWHPR02MB2862;
x-forefront-prvs: 02596AB7DA
x-forefront-antispam-report: SFV:NSPM; SFS:(10019020)(39410400002)(39840400002)(24454002)(51914003)(377454003)(189998001)(99286003)(55016002)(7906003)(606005)(88552002)(6436002)(2906002)(54896002)(6116002)(86362001)(3280700002)(19627405001)(102836003)(9686003)(53936002)(6306002)(77096006)(33656002)(6506006)(3660700001)(229853002)(236005)(25786009)(53546009)(81166006)(38730400002)(110136004)(54356999)(4326008)(76176999)(122556002)(50986999)(75432002)(2900100001)(8936002)(7736002)(6606003)(6916009)(2950100002)(74316002)(6246003)(5660300001)(8676002)(7696004); DIR:OUT; SFP:1102; SCL:1; SRVR:MWHPR02MB2862; H:MWHPR02MB2861.namprd02.prod.outlook.com; FPR:; SPF:None; MLV:sfv; LANG:en;
spamdiagnosticoutput: 1:99
spamdiagnosticmetadata: NSPM
Content-Type: multipart/alternative; boundary="_000_MWHPR02MB28614CE50312B5F12ABEB91EC3330MWHPR02MB2861namp_"
MIME-Version: 1.0
X-OriginatorOrg: stanford.edu
X-MS-Exchange-CrossTenant-originalarrivaltime: 27 Mar 2017 04:16:52.8436 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 396573cb-f378-4b68-9bc8-15755c0c51f3
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MWHPR02MB2862
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-03-27_04:, , signatures=0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:, , definitions=2017-03-27_04:, , signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1011 lowpriorityscore=0 impostorscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1702020001 definitions=main-1703270035
Archived-At: <https://mailarchive.ietf.org/arch/msg/trans/haRTy6freXGV9RhZunvxAP0uEUU>
Subject: Re: [Trans] Privacy-preserving proof of sct exclusion
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Mar 2017 04:17:15 -0000

Thanks for the prompt feedback! I'll make sure to address these comments in my talk, and I'm looking forward to discussing design options in person. I suspect that the flexibility of the tools and techniques we use as well as the associated engineering and privacy tradeoffs will make for an interesting discussion.


Thanks,

~saba

________________________________
From: Ben Laurie <benl@google.com>
Sent: Sunday, March 26, 2017 9:46:21 AM
To: Saba Eskandarian
Cc: trans@ietf.org
Subject: Re: [Trans] Privacy-preserving proof of sct exclusion



On 25 March 2017 at 22:39, Saba Eskandarian <sabae@stanford.edu<mailto:sabae@stanford.edu>> wrote:

Hello,

I'm on the agenda for Tuesday's meeting to share a privacy-preserving proof of sct exclusion from a log (I think Eran alluded to this work in a message a while ago).

My posted slides will not include many words, so I wanted to share a link to the preprint of our academic paper on the subject in case anyone wants to read the details there. The paper is targeted at a somewhat different audience, but it can be found here: https://arxiv.org/abs/1703.02209

Thanks and looking forward to meeting you all next week!

Cool, but I immediately see a problem - you require logs to be in timestamp order, but they aren't. I can't immediately think of a way to get that property without also considerably increasing time to inclusion in the log.

That seems undesirable - in fact, we're trying to go the other way, i.e. reduce time to inclusion, in general.

Also, engineering reality doesn't change, so increasing time to inclusion is also likely to increase MMD.

Secondly, its interesting, but doesn't seem particularly useful: when an SCT corresponds to a cert that has not been included, you want to reveal the cert, not hide it. What you want to hide is who is revealing it.


~saba

_______________________________________________
Trans mailing list
Trans@ietf.org<mailto:Trans@ietf.org>
https://www.ietf.org/mailman/listinfo/trans

v2.23.0 | Report a Bug | By Email