W3C home > Mailing lists > Public > uri@w3.org > March 2012

RE: http+aes

From: Michael Wojcik <Michael.Wojcik@microfocus.com>
Date: Wed, 7 Mar 2012 11:15:41 -0600
Message-ID: <0AB4526732901E45B9B3A55FFD725D67019CBB18@AUS-EXCHANGE.microfocus.com>
To: "Poul-Henning Kamp" <phk@phk.freebsd.dk>
Cc: "URI" <uri@w3.org>, "HTTP Working Group" <ietf-http-wg@w3.org>, "Ian Hickson" <ian@hixie.ch>
> From: Poul-Henning Kamp [mailto:phk@phk.freebsd.dk]
> Sent: Wednesday, 07 March, 2012 11:33
> In message <0AB4526732901E45B9B3A55FFD725D67019CBB16@AUS-
> EXCHANGE.microfocus.co
> m>, "Michael Wojcik" writes:
> >> You cut and paste the link, and anybody who receives it can view
> >> the copyrighted object, and you have no idea who leaked it.
> >
> >Actually, I think it's potentially worse than that. Consider this
> case:
> >
> >- Publisher puts 100 copies of each resource on CDN, each encrypted
> with
> >a different key.
> What you propose is what's called "Thatcherizing" a document: During
> the Thatchers government, they tweaked the spacing in a confidential
> memo so that each recipients copy were unique, in order to expose
> who leaked it to the press.

It's similar, yes, and also similar to various proposed "Birthday
Paradox" attacks against digital signatures using too-short digests
(where you vary whitespace until you produce an image collision), etc.
The real idea here, though, is that rather than giving every user a
unique key, you partition the keyspace for each resource, so an
accumulation of leaked keys gives increasing probabilistic
identification of the source of the leak.

> It is however, not an argument for the circus-crypto og http+aes

Of course not - I meant it as an argument *against* http+aes. That's why
I wrote "potentially worse" above.

Michael Wojcik
Technology Specialist, Micro Focus

This message has been scanned by MailController - portal1.mailcontroller.co.uk
Received on Wednesday, 7 March 2012 17:17:27 UTC

This archive was generated by hypermail 2.4.0 : Sunday, 10 October 2021 22:17:55 UTC