- From: Evan Schwartz <evan@ripple.com>
- Date: Wed, 11 Jun 2014 11:35:13 -0700
- To: Anders Rundgren <anders.rundgren.net@gmail.com>
- Cc: Steven Rowat <steven_rowat@sunshine.net>, Web Payments CG <public-webpayments@w3.org>
- Message-ID: <CAONA2jWMthJRnwcjjRGv+BsYDg+oKtQoZZwK9ZHUbqjNs13bwA@mail.gmail.com>
Nice work Manu and company for putting this demo together and pushing this project forward. Does the security of the data users store in the to-be-decentralized database depend entirely on them choosing a random 20+ character password? Given what we learned about passwords from the Adobe leak, it seems like we can't wholly rely on people choosing secure passwords (according to this list <http://stricture-group.com/files/adobe-top100.txt> "123456" was the password chosen by 1,911,938 Adobe users). It would be trivial to break most peoples' email/password combinations, especially if decentralization meant that attackers could mount offline attacks on the whole database. I'd also guess that using email as the main identifier also increases the likelihood that people use the same password in the identity credentials system they use for their actual email account. A while ago, Stefan Thomas, CTO at Ripple Labs, wrote up this paper <http://justmoon.github.io/pakdf/> about using a "Peer-Assisted Key Derivation Function" (PAKDF) to address this type of problem, which might be of interest here. Am I correct in thinking that the plan for what would be integrated into the browser would just be a token that allows you to skip some additional authentication step, as opposed to the credentials themselves? I hear browsers mentioned quite often as the ideal storage platform for secure information but I always wonder what happens if I lose or switch my computer, have multiple devices, or if my internet access is limited to internet cafes. When you click “Login”, your email address > and passphrase are SHA-256′d and sent as a query to the Telehash > network. Won't this hash be publicly available in the distributed hash table? What exactly is stored in the blob in the Telehash network? Is it just which identity provider I'm using? Your identity provider will receive the request and > respond to the query with an encrypted message that will then be > decrypted using your passphrase. Does that mean my identity provider has my plaintext passphrase? The contents of that message will > tell the login hub where your identity provider is holding your > identity. The request for the email credential is then forwarded > to your identity provider. How will the request to this identity provider location/URL be authenticated? -- Evan Schwartz Developer + Technology Pioneer Ripple Labs Inc.
Received on Wednesday, 11 June 2014 18:36:03 UTC