[Cryptography] Hiding parties identities
Ben Laurie
ben at links.org
Fri Oct 30 07:12:37 EDT 2015
On Thu, 29 Oct 2015 at 02:45 Christian Huitema <huitema at huitema.net> wrote:
> I am looking at the “Pre-shared key” specs in RFC 4279, and in particular
> at the privacy issues inherent with pre-shared key. According to 4279, the
> client sends to the server a “key identity” so the server understands which
> shared key to use in the exchange. The problem of course is that by doing
> so the client reveals its own identity in a clear text message. This is
> dutifully flagged in the security considerations, but no mitigation is
> proposed.
>
>
>
> I can think of two kinds of mitigations. The first one is to encrypt the
> key identity with a server provided key. The problem is that this is a bit
> circular, as the server has to identity that identity encryption key. Also,
> privacy is only achieved if the server key is shared with multiple clients,
> but then it falls into the “widely known secret” category.
>
What's wrong with that? If the server shares a public key which is used by
everyone to encrypt, that's fine, isn't it?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20151030/52cdffbf/attachment.html>
More information about the cryptography
mailing list