Re: [GNUnet-developers] Re: URI suggestion

[Christian Grothoff]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Tuesday 23 September 2003 01:29 pm, Marcos D. Marado Torres wrote:
> Couldn't the keys be generated using (also) an handle, so that each public
> key has a nickname associated to it?
>
> Mind Booster Noori

No, there is no (secure) way to generate a public-private RSA key pair 
starting from a (public) nickname in a way that it would allow others to 
verify that the public key was derived from the nickname without making it 
trivial for an adversary to do the same which would then compromise the 
private key.

And even if your public/private key pair was derived from "Booster" and me 
doing the same would give me a different public/private key pair, which of 
the two pairs it then the "valid" one?  

I only see two ways to guard against "impostors".  Either

a) derive a handle from the public key (which either gives us our current 
HexID or the aritificial "natural language" key I proposed in my last mail) 

or

b) allow the local user to associate an arbitrary nick with every public key 
and *only* use that nick locally.  That is, the (global) pseudonym X can be 
called "foo" by user A and "bar" by user B and the association of X with 
"foo" or "bar" is done in a purely local fashion by the user interface.  

So in some sense, deriving a user-handle is, in both cases (a and b), 
something that the UI does. I kind of doubt at the moment that there is any 
secure and completely distributed alternative.

Christian
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (GNU/Linux)

iD8DBQE/cJy+9tNtMeXQLkIRAiC8AJ9J/IuamOvVEE4dW3ViUeurbqfLIwCfQGu8
xH+xByPUhOiWNkMwHg3VQt8=
=AIwl
-----END PGP SIGNATURE-----