-
Notifications
You must be signed in to change notification settings - Fork 0
Crypto Protocol 1
Steven Allen edited this page Nov 26, 2012
·
1 revision
- Group Key Pair (Kpg, Ksg): The group's key pair (controlled by the producer).
- User Key Pair (Kpu, Ksu): The user's key pair.
- Membership Signature (Sm): The group key's signature on the member's public key
Sm = Ksg(Kpu)
- Are the membership signatures sensitive information? That is, if one knows A signature, is one able to determine: a. The group that produced the signature. b. The signed public key.
- Is there any way to have expiring subkeys for user keys? That is, can membership signatures be generated on a master key and be verified with an expiring subkey? This would make using untrusted user agents (browsers) less of a security risk.
- Unless different group key pairs are used per resource, the client will be able to tell if a two resources are guarded by the same ACL.
- The members of a group are not inherently known to the client. However, ensuring this, the membership signatures may need to be kept private/encrypted (Q1).
- The client must know where to find member signatures. This could potentially leak information about who is publishing the content.
- Unless different group key pairs are used, the relying party will be able to determine if two resources are guarded by the same ACL.
- Unless different group key pairs are used, the relying party will be able to infer a consumer's access to other resources guarded by the same ACL.
- The relying party cannot determine the identities of the group members or the clients requesting content.
- The relying party should not need to know who is publishing the resource.
- The relying party will not know the members of a group. However, this may require that the membership signatures be kept private (Q1)
- All requests from a client for a resource will appear to be independent. That is, the relying party will not be able to track/identify consumers.
A consumer must be able to obtain his/her membership signature for a group. However, other parties must not be able to determine if a consumer is a member of a group. Additionally, consumers should not need to download all of the membership signatures for a group.
- There must be a method for transferring membership signatures to clients. Preferably, these signatures would not be private information (Q1) and could be distributed publicly (distributed key servers).