[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: SOI: identity protection and DOS
Michael Thomas <mat@cisco.com> writes:
> I guess that don't draw a huge distinction of where
> the privacy leak happened, especially in the example
> given where there should be no expectation of privacy
> since it's given to untrusted but authenticatable parties.
I think there is a HUGE HUGE difference between giving information to
the person I think I want to talk to, and letting anyone else hear it.
Whether I trust you is a completely different argument and is
irrelevant. The point is that I may not know what YOU will do with
the data I give you, but at least I know only YOU have it. If it's
sent unprotected, then anyone can not only see it, but can perform
traffic analysis on who I'm contacting and when.
> I'm not arguing about choice. I'm arguing about
> average behavior. On average, people don't take
> the same precautions gaurding their home as
> they do nuclear arsenals. Nor should they; the
> risk if compromised is small and the expense
> is prohibitive. That is, we should make the
> average case reflect the actual risk/expense
> instead of erring on the paranoid.
What added expense? One round-trip and a DH? Sorry, that
doesn't sound very expensive to me. Moreover, it isn't even
an extra round-trip; it's only one-half a round trip:
DH_a --------->
<----------- DH_b + {ID_b}K_ab
{ID_a}K_ab --->
Compare this to a protocol w/o ID protection:
ID_a --------->
<----------- ID_b
-derek
> Mike
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available
Follow-Ups:
References: