
(Fwd) Re: Secure anonymous server protocol: comments please

------- Forwarded Message Follows -------
From:          [email protected] (Adamsc)
To:            "[email protected]" <[email protected]>

On Mon, 2 Sep 1996 19:24:23 +0000, [email protected] wrote:

>This system has 1 huge fault, we can encrypt a user's ID with the 
>server's public key to see what his ID in the encrypted database is 
>and therefore identify him, maybe we need two separate server public 
>keys, and when IDs come in encrypted with key1 (the one it releases) 
>it decrypts with secretkey1 then encrypts with publickey2 (the one it 
>keeps secret)

>or maybe we can just hash and sign the IDs in the database?

>as I said it's very sketchy, I made most of this up as I wrote it so 
>if you must tear it to pieces please do so constructively, it could 
>be the route to a secure system....

How about this:  do the exchange *every* time.  Never reuse a key.  That way at
most 1 message could be easily snagged (by seeing where it goes).  It'd be
processor intensive, but it avoids the whole reuse problem - where you store an
ID to be used to retrieve all messages.  Also, software could be written to do
the key computation solely on the client - after all, the server doesn't care
if they pass themselves a dud key, right? Let them crunch it.  Put all those
Pentiums to work!


Better idea, I hadn't thought of that, anyone else care to comment on 
a way to solve this? - how did the nymservers do it????

  Datacomms Technologies web authoring and data security
     Paul Bradley, [email protected]
         "Don't forget to mount a scratch monkey"
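
The linkage problem raised in the quoted message, and the "second key the server keeps secret" remedy, as an added example that is not part of the original thread. Textbook RSA with constructed toy primes stands in for the released public key, HMAC-SHA256 under a server-only secret stands in for the secret second key, and the sample IDs are constructed; all of these are assumptions.

```python
import hashlib
import hmac

# Constructed toy key: two Mersenne primes, textbook RSA, no padding.
# Only the determinism matters here; this is not a usable key size.
N = (2**61 - 1) * (2**89 - 1)
E = 65537

def released_key_index(user_id: str) -> int:
    """Database index = user ID encrypted under the released public key."""
    m = int.from_bytes(user_id.encode(), "big") % N
    return pow(m, E, N)  # same ID always gives the same ciphertext

def secret_key_index(user_id: str, server_secret: bytes) -> str:
    """Database index keyed with a secret that never leaves the server
    (assumed stand-in for 'publickey2, the one it keeps secret')."""
    return hmac.new(server_secret, user_id.encode(), hashlib.sha256).hexdigest()

def matching_ids(candidates, stored_index, index_fn):
    """Recompute the index for each candidate ID and report the matches."""
    return [c for c in candidates if index_fn(c) == stored_index]

def demo():
    server_secret = b"constructed-server-only-secret"
    candidates = ["alice@example.org", "bob@example.org", "carol@example.org"]
    owner = "bob@example.org"

    # Scheme 1: index derived from public values only. Anyone holding the
    # released key can recompute it and tie the database row to an ID.
    # An unkeyed hash of the ID would be recomputable in the same way.
    row1 = released_key_index(owner)
    linked1 = matching_ids(candidates, row1, released_key_index)

    # Scheme 2: index needs the server-only secret. Without it, recomputing
    # with any other key matches nothing; the server can still look rows up.
    row2 = secret_key_index(owner, server_secret)
    linked2 = matching_ids(candidates, row2,
                           lambda c: secret_key_index(c, b"outsider-guess"))
    server_lookup = matching_ids(candidates, row2,
                                 lambda c: secret_key_index(c, server_secret))
    return linked1, linked2, server_lookup

if __name__ == "__main__":
    print(demo())
```

The second scheme moves the risk to the server secret: whoever obtains it can link rows to IDs exactly as in the first scheme.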
