[Security] GSoC proposal: Identity-based end-to-end encryption for XMPP

Hannes Tschofenig hannes.tschofenig at gmx.net
Wed Mar 16 00:39:11 CST 2011


Hi Brian, 

I am not sure I fully understand the process & background here but David had asked for comments on an idea he had.

I was in the assumption that he wanted to get feedback from others on the usage of IBE for e2e security. 

Having worked with researchers a lot it is not uncommon to look at all the different solution mechanisms out there and to apply them. 
Regardless which communication protocol you look at you will for sure see proposals that use CGAs, IBE, apply security at all layers, etc. 

My believe is that it helps to determine what the problem actually is, and figure out what requirements for the specific problem arise. 
Not having seen any problem analysis nor requirements list (yet) I was only able to share my limited view of what I would do. 

Ciao
Hannes

PS: Regarding the analysis of existing mechanisms and some requirements other folks had looked at you might want to read through: 
http://tools.ietf.org/html/rfc5479

On Mar 16, 2011, at 1:17 AM, Brian Spector wrote:

> This ignorance on this board is truly stunning.  It's actually hard to
> argue with the logic presented here.
> 
>>> The primary advantage of an IBE system is that you can encrypt to
>>> people whose credentials you don't have (and may not even have any
>>> yet). However, since this is a real-time exchange, that benefit does
>>> not applyhere.
> 
> Anyone with a cursory knowledge of crypto knows the issues in scaling PKI
> are immense.
> Identity based cryptosystems come in all shapes and sizes, not just
> identity based encryption, but identity based key agreements, hierarchical
> key systems, etc.
> And there are PLENTY of well-known IBCs that are IPR free  (well, at least
> to anyone who isn't lazy enough to look beyond Boneh-Franklin).
> 
> Further, I think there are some people on this list that are also on the
> IETF draft bodies, and they know the proposals coming down the river, and
> WHY they are coming down the river, and no one has spoken up yet for this
> guy and his idea.  If that's the case, that's shameful.
> 
> David, it's a great idea, it's important, and I'll find a way to rustle up
> the resources to sponsor you.
> 
> I think I can relegate this board to a Google archive rather than have it
> pollute my inbox anymore.
> 
> FAIL.
> 
> -----Original Message-----
> From: security-bounces at xmpp.org [mailto:security-bounces at xmpp.org] On
> Behalf Of Eric Rescorla
> Sent: 15 March 2011 15:32
> To: XMPP Security
> Subject: Re: [Security] GSoC proposal: Identity-based end-to-end
> encryption for XMPP
> 
> On Tue, Mar 15, 2011 at 8:20 AM, David Núñez <dnunez at lcc.uma.es> wrote:
>> The idea is to use the XMPP servers as Key Generation Centers (KGC),
> since they already provide procedures for user authentication. Thus, the
> project would have to develop the server components required to issue
> private keys to users, among others. I think that the fact that the JID of
> the user you want to securely communicate could act as a public key is
> interesting to the XMPP protocol.
> 
> Yes, this does not add any value over a standard PKI system.
> 
> -Ekr
> 
>> However, I am aware that there have been several responses to my
> proposal, and it seems that it is not very interesting to XMPP. I would
> like to thank you for your thoughtful insights. As one of you suggested in
> a previous response, I will study in more depth the current problems in
> end-to-end communication in XMPP and try to propose something else. I was
> hoping to participate in this Google Summer of Code edition. Any ideas
> that could be arranged as a proposal?
>> 
>> Best regards,
>> David.
>> 
>> El 15/03/2011, a las 15:47, Eric Rescorla escribió:
>> 
>>> On Tue, Mar 15, 2011 at 7:14 AM, David Núñez <dnunez at lcc.uma.es> wrote:
>>>> Thank you for your response. Respect to your first point, one
> advantage of the proposed scheme is that it is an alternative to digital
> certificates and its associated distribution infrastructure, as it relies
> on the identity of the users as public keys.
>>> 
>>> I don't know what this means. An IBE system requires a central key
>>> generation server which needs to verify users identities and only
>>> issue keys when appropriate. The processing done by the KGS looks
>>> very much like that done by a CA.
>>> 
>>> The primary advantage of an IBE system is that you can encrypt to
>>> people whose credentials you don't have (and may not even have any
>>> yet). However, since this is a real-time exchange, that benefit does
>>> not applyhere.
>>> 
>>> -Ekr
>> 
>> 
> ***** Email confidentiality notice *****
> 
> This message is private and confidential. If you have received this message in error, please notify us and remove it from your system.
> 
> CertiVox Ltd is a company registered in England and Wales. Registered number: 7498769. Registered office: 145-157 St. John Street London EC1V 4PY
> 



More information about the Security mailing list