IETF Logo Mail Archive

[Trans] Verifying inclusion proof

Ondrej Mikle <ondrej.mikle@nic.cz> Fri, 26 June 2015 14:30 UTC

Return-Path: <ondrej.mikle@nic.cz>
X-Original-To: trans@ietfa.amsl.com
Delivered-To: trans@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EB48A1B2FAE for <trans@ietfa.amsl.com>; Fri, 26 Jun 2015 07:30:07 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.261
X-Spam-Level:
X-Spam-Status: No, score=-4.261 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HELO_EQ_CZ=0.445, HOST_EQ_CZ=0.904, RCVD_IN_DNSWL_HI=-5, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CSMfZCfyO5Xu for <trans@ietfa.amsl.com>; Fri, 26 Jun 2015 07:30:06 -0700 (PDT)
Received: from mail.nic.cz (mail.nic.cz [217.31.204.67]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EDBA01B2FAB for <trans@ietf.org>; Fri, 26 Jun 2015 07:30:05 -0700 (PDT)
Received: from [IPv6:2001:1488:fffe:6:5528:1a54:e8e2:c252] (unknown [IPv6:2001:1488:fffe:6:5528:1a54:e8e2:c252]) by mail.nic.cz (Postfix) with ESMTPSA id 490AB180D29 for <trans@ietf.org>; Fri, 26 Jun 2015 16:30:03 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=nic.cz; s=default; t=1435329003; bh=j35orgF7mJ1IodDX3z2IXwCZje3+uUVUEPsXkOgw3F0=; h=Date:From:To; b=MrfS6G4IB86obUmNX1bHRTsBNNahO871Njy9OJXeZM97NNNdjCjLhknWaobgTrImq 4ikFqlBFjLKPh7EebfuGrZ0OYeT9nsDEmaRiApjL6hHOm/V8jQ35YINAKL/lNdiRmO c5gW+0lHJJJ7izxNCNYzEM3QTjmEGtTvobqGUBIw=
Message-ID: <558D61DE.8020402@nic.cz>
Date: Fri, 26 Jun 2015 16:29:50 +0200
From: Ondrej Mikle <ondrej.mikle@nic.cz>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.7.0
MIME-Version: 1.0
To: trans@ietf.org
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
X-Virus-Scanned: clamav-milter 0.98.7 at mail
X-Virus-Status: Clean
Archived-At: <http://mailarchive.ietf.org/arch/msg/trans/s5Fe2HzJ-GymIkfPkhkJc-hM3b4>
Subject: [Trans] Verifying inclusion proof
X-BeenThere: trans@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Public Notary Transparency working group discussion list <trans.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/trans>, <mailto:trans-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/trans/>
List-Post: <mailto:trans@ietf.org>
List-Help: <mailto:trans-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/trans>, <mailto:trans-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 26 Jun 2015 14:30:08 -0000

Pardon me if I am asking something obvious, but I'm missing one piece of
information for inclusion proof verification - the "placement" of each
node returned from "get-proof-by-hash" method in audit_path list
(whether it's left subtree or right subtree).

Since the hashing of concatenation of strings is not commutative, the
auditor needs to put the two partial tree hashes in correct order to get
to the correct root hash.

I'd guess the placement of the missing nodes from audit_path could be
derived from leaf_index and tree_size, but can't see a straightforward
way to do it. The reference client does not implement this verification
either.

Ondrej

v2.23.0 | Report a Bug | By Email