[Cryptography] Secret "rendezvous" based on telephone numbers

Ben Laurie ben at links.org
Wed Jun 18 17:44:03 EDT 2014


On 18 June 2014 14:38, Tobias Markus <tobias at miglix.eu> wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi,
>
> Consider the following protocol:
> Alice wants to send Bob a message. She wants to use asymmetric cryptography. Because Bob is not always online, she sends it to Charlie to have him relay the message to Bob later on. Alice only knows Bob's mobile number, but she does not want to reveal it to Charlie because Mallory often gets unauthorized access to Charlie's server (and it would be best if Charlie does not know the number in the first place because it's not his business). Mallory can do active attacks on all communication between Alice, Bob and Charlie (read, edit, replay, reorder, drop, etc.). Alice also has to retrieve Bob's public key from the server. (Let's leave key verification out of the game atm.)
>
> Possible (Not Working) Solutions:
> 1) Hash: Does not work because of the small preimage space.
> 2) Hash + Salt: Alice can not easily tell Bob an unique salt.
>
> Suggestions?

http://cacr.uwaterloo.ca/techreports/2014/cacr2014-10.pdf


More information about the cryptography mailing list