Re: Encrypted chat - Anonymous identification protocol

David Jablon (dpj@world.std.com)
Sat, 29 Aug 1998 19:48:03 -0400

• Next message: Kriston J. Rehberg: "Re: Crypto Coding Project"
• Previous message: David Jablon: "re: Win98 and NT4.0 passwords"
• In reply to: Martin Grap: "re: Win98 and NT4.0 passwords"
• Next in thread: bram: "Re: Encrypted chat - Anonymous identification protocol"

Perhaps zero-knowledge password protocols can help ...

At 05:16 PM 8/27/98 -0600, Mike Stay wrote:
>Does anyone know how to exchange identities such that neither
>participant can learn the identity of the other unless both are valid
>and without a trusted third party?

Concatenate the sender and receiver names to form a
small shared secret, then do a mutually-authenticated
key exchange. If an attacker correctly guesses the two names,
he can establish this link, but any bad guess will be detected.

Whether or not this meets your needs depends on what you
mean by requiring that "both [names] are valid".
This kind of protocol by itself does not do simultaneous
committment, but it can be easily extended, and with less
risk of revealing names from a small namespace.

----------------------------
David P. Jablon
dpj@world.std.com
<http://world.std.com/~dpj/>

• Next message: Kriston J. Rehberg: "Re: Crypto Coding Project"
• Previous message: David Jablon: "re: Win98 and NT4.0 passwords"
• In reply to: Martin Grap: "re: Win98 and NT4.0 passwords"
• Next in thread: bram: "Re: Encrypted chat - Anonymous identification protocol"