[Cryptography] Novelty versus reuse

Natanael natanael.l at gmail.com
Wed Jun 30 03:55:01 EDT 2021


On Wed, Jun 30, 2021 at 7:39 AM Bill Woodcock <woody at pch.net> wrote:

> > On Monday, June 28th, 2021 at 10:10 AM, Bill Woodcock <woody at pch.net> wrote:
> >> So, I’m not a cryptographer. At all. Could any of y’all who actually
> >> are help me understand why this:
> >> draft-irtf-cfrg-rsa-blind-signatures-00
> >> …is preferable for authenticating DoH clients to DoH servers, rather
> >> than using, say, realm auth, or client certificates? In, you know,
> >> explain-like-I’m-five language?
> >>
> >> I get that realm auth and client certs are really old, but what would
> >> make them less appropriate for this task, and is the RSA blind signature
> >> thing standardized enough in other contexts that it’s no more work to
> >> implement on an HTTPS connection than a client cert or realm auth would be?
> >
> > On Jun 29, 2021, at 11:42 PM, Lee Clagett <forum at leeclagett.com> wrote:
> > Is this for their new "oblivious dns over https" ?
>
> No, it’s for split-horizon… one client gets one answer, a different client
> gets a different answer, but you have to be able to persistently and
> reliably identify and distinguish the clients from each other, and you need
> the clients to not be trivially spoofed, so someone can’t impersonate a
> different client to get a different answer or false-flag a different user.
> The server already knows who the clients are, because it issued them the
> credentials associated with the different groups that get the different
> answers, there’s no anonymity.
>
> There isn’t a protocol or anything, it’s just user organizations wanting
> their DNS providers to be able to implement split-horizon for their users.
> It used to be that you had users sitting in an office, and if they were
> physically sitting in an office, they were deemed “secure” and they got the
> “inside-the-firewall” answer, whereas if they were at home, they were
> “insecure” and got the “outside-the-firewall” answer. Then came VPNs, so
> people could work from home, and tunnel their traffic back to the office,
> getting the inside answer.  Then came the Internet-of-Shit, ensuring that
> anything connected to the home network would immediately become infected,
> which made VPNs kinda useless, but because only a few executives got to use
> them, infinite thrust made the pigs fly.  Then came COVID, and suddenly
> everybody was working from home, and “endpoint security” became a thing.
> So, now the DNS has to support “endpoint security” which means yet more
> DNS-camel, and we’re all trying to figure out how best to respond to it.
> We figured TLS client cert would be sufficient, and started down that path,
> but now Cloudflare has published this draft, so I’m trying to figure out,
> as a non-expert, if there’s any merit to doing it this way, rather than
> just using TLS client certs, which everybody already understands, warts and
> all.
>

The main feature of blinded signatures is that an organization can issue
tokens to individual users which then allow those users to connect to
various services and prove only that they have received authorization
from the organization, without sharing their individual identities. While
usage for something like a VPN or intranet access would still mean that the
users send traffic likely to be deanonymizing through the service they
connected to, it can also be used with, for example, oblivious DNS and
numerous other privacy-preserving services to prove you are authorized to
make requests without revealing who you are. It's a small component of
other protocols, and removes one source of information for identifying a
user.