[liberationtech] Anyone tested this?
Steve Weis
steveweis at gmail.com
Thu Jun 23 12:16:56 PDT 2011
A follow-up from Privatesky.me:
"It's not IBE, its non-interactive key agreement. But yes, there is a master
key server that issues, rotates and revokes."
https://twitter.com/#!/privateskyme/status/83949496756744192
I don't know what key agreement scheme they're using. If a master key server
is responsible for issuing private keys, then it may be a central point of
failure. They don't have any details about how it works, so I mistrust it by
default.
On Thu, Jun 23, 2011 at 9:28 AM, Steve Weis <steveweis at gmail.com> wrote:
> Privatesky.me is based on Certivox. Details are scant, but this page
> implies that Certivox is using identity-based encryption (IBE):
> http://certivox.com/index.php/technologies/ondemand-key-generation/
>
> That page talks about Certivox issuing keys to senders, which are combined
> with a recipient's identity to generate the recipient's public key. That's
> the classic IBE model. However, private keys in IBE systems are generally
> issued by a central authority. That's consistent with having to install a
> Silverlight client from Privatesky before you can read any messages.
>
> If Privatesky is issuing private keys to each client, the statement in the
> FAQ (https://privatesky.me/faq) "Can you see my stuff? Can you see my
> data? No." is not accurate. Users would be completely trusting the
> key-issuer. That's why IBE systems are generally proposed for an enterprise
> setting, where a central authority controls issuing keys.
>
> I've been talking with their CTO on Twitter and asked if this is the case:
> https://twitter.com/#!/sweis/status/83931891618693121
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.stanford.edu/pipermail/liberationtech/attachments/20110623/b94f9db7/attachment.html>
More information about the liberationtech
mailing list