[Cryptography] Bloom filter question
Peter Fairbrother
peter at tsto.co.uk
Wed Aug 6 19:39:21 EDT 2025
On 05/08/2025 23:43, John Levine wrote:
> It appears that Peter Fairbrother <peter at tsto.co.uk> said:
>> But I do have some concerns about your threat model. Bloom filters are
>> not designed for secrecy or concealment.
>>
>> For instance, if you only have one item in the filter it is going to be
>> pretty sparse, and easily recognisable as a single item. Do you need
>> dummy items? A nonce? A secret to add pre-hash?
>
> It's not a big deal. If there's only one recipient, it's usually obvious
> from other things who it was and if there's more than one, you can usually
> tell that, too, even if you can't tell who the other ones are.
I'm still unsure about your threat model/use application. What is this
doohickey actually for?
> I suppose if it were an issue, we could add dummy items that don't
> have @ signs so they can't collide with real addresses.
That's not how a Bloom filter works...
You'd (or I would) hash the entire email address - perhaps first
converting the before-the-@ part to lower case, or doing summat similar
with foreign stuff to get a repeatable bitstring- then use a hash
function on that, to get a say 128-bit hash. Then split that hash up.
Peter Fairbrother
More information about the cryptography
mailing list