[Cryptography] Petnames & Zooko's triangle -- theory v. practice (was Email and IM are...)

ianG iang at iang.org
Wed Aug 28 05:33:50 EDT 2013 

On 28/08/13 02:44 AM, radix42 at gmail.com wrote:
> Zooko's triangle, pet names...we have cracked the THEORY of secure naming, just not the big obstacle of key exchange.


Perhaps in a sense of that, I can confirm that we may have an elegant 
theory but practice still eludes us.  I'm working with a design that was 
based on pure petnames & ZT, and it does not deliver as yet.

One part of the problem is that there are too many things demanding 
names, which leads to addressbook explosion.  I have many payment 
vehicles, many instruments, and in a fuller system, many identities. 
Each demanding at least one petname.

And so do my many counterparties.  A second part of the problem is that 
petnames are those I give myself to some thing, but in some definitional 
sense, I never export my petnames (which is from which they derive their 
security).  Meanwhile, the owner of another thing also has a name for it 
which she prefers to communicate about, so it transpires that there is a 
clash between her petname and my petname.  To resolve this I am 
exploring the use of nicknames, which are owner-distributed names, in 
contrast to petnames which are private names.

Which of course challenges the user even more as she now has two 
namespaces of subtle distinction to manage.  Kerckhoffs rolls six times 
in his grave.

Then rises the notion of secured nicknames, as, if Alice can label her 
favourite payment receptacle "Alice's shop" then so can Mallory.  Doh! 
Introduction can resolve that in theory, but in practice we're right 
back to the world of identity trickery and phishing.  So we need a way 
to securely accept nicknames, deal with clashes, and then preserve that 
security context for the time when someone wishes to pay the real Alice. 
  Otherwise we're back to that pre-security world known as secure browsing.

Then, map the privacy question over the above mesh, and we're in a 
traffic analyst's wetdream.  One minor advantage here is that, 
presswise, we only need to do a little better than Bitcoin, which is no 
high barrier ;)

In sum, I think ZT has inspired us.  It asks wonderfully elegant 
questions, and provides a model to think about the issues.  Petnames and 
related things like capabilities answer a portion of those questions, 
but many remain.  Implementation challenges!


> ... And I don't think the wider public was concerned/scared enough to care before Snowden. Let's hope they care long enough to adopt any viable solutions to the problem that might pop up in the wake of all this. The traffic on this list the past week is a very welcome thing.


Yes.  I was never scared of the NSA.  But the NSA and the FBI and the 
DEA and every local police force ... that's terrifying.  That's a purer 
essence of terror, far worse than terrorism.  We need a new word.



iang

More information about the cryptography mailing list