[Cryptography] Secure software update protocol?
Natanael
natanael.l at gmail.com
Tue Feb 23 03:14:52 EST 2016
Den 23 feb 2016 03:01 skrev "Ray Dillinger" <bear at sonic.net>:
>
>
> Drifting back on topic and away from the business/politics
> of the Apple/FBI situation , we do have a valid crypto question
> here.
>
> How can software updates be secured so the distributor knows
> which customers have which updates, not permitting cloned
> devices, and not permitting the distributors to choose a
> particular customer to get a special "joejob" update?
Anonymous Credentials, Zero-knowledge proofs, public logs like Certificate
Transparency of all published updates. Prove with math that you're a
customer without revealing which one of them you are. Connect anonymously,
like over Tor.
Or for that matter, run anonymous checksum lookups and compare with other
users (which still can prove anonymously they too are customers).
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160223/a9917250/attachment.html>
More information about the cryptography
mailing list