[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Auth]My two cents

From: Carsten Kuckuk
Subject: [Auth]My two cents
Date: Mon, 16 Jul 2001 15:36:55 +0200

ONE master registrar is bad (too much power) Many registrars which can cross
sign their identities (and therefore their users one) is perfect.

What about two (or more) registrars that store half of the information
For example, take two registrars, and The user wants to
store his profile, given as an array of bytes p[i], with these registrars
trusting any of them. This can be done by taking an array of random numbers
Registrar gets to store the array r[i], and registrar gets
to store the array r[i] XOR p[i]. Both registrars only see arrays of random
numbers. In order to recreate the original profile, the client has to
r[i] from, and  r[i] XOR p[i] from, and XOR these two
with each other resulting in r[i]XOR r[i] XOR p[i] == p[i]. So this reduces
problem to the problem of reliably updating profile arrays at two registrars
which can be solved by storing two generations of profile arrays.

This model would consist of
- Registrars storing two versions of byte arrays for clients that
  themselves via a user/password scheme which the end-user has to remember.
- A client computer module that accesses both registrars, retrieves the
  string halfes, combines them into the real profile string, makes use of
  updates it, and stores new versions with the registrars.
- A net of independent registrars all over the world would be needed that do
  not need to know about each other.
- Clients would choose two registrars that they have to remember.

Carsten Kuckuk

reply via email to

[Prev in Thread] Current Thread [Next in Thread]