Paper 2011/214

On "identities", "names", "NAMES", "ROLES" and Security: A Manifesto

Charles Rackoff

Abstract

There is a great deal of confusion in the cryptology literature relating to various identity-related issues. By "names" (lower case), we are referring to informal, personal ways that we indicate others; by "NAMES" (upper case) we are referring to official ways that we use to indicate others. Both of these concepts are often confused with "identity", which is something else altogether, and with "ROLES". These confusions can lead to insecurities in key exchange as well as in other internet activities that relate to identity. We discuss why we should not use names in protocols and why we cannot use identities. We discuss why, in a public-key infrastructure, we need to use NAMES in key-exchange protocols, and how they should be chosen and why they have to be unique, and why we should not use NAMES in session protocols. We also argue for the importance of secure ROLEs in key-exchange protocols.

Metadata

Available format(s): PDF
Category: Cryptographic protocols
Publication info: Published elsewhere. Unknown where it was published
Contact author(s): rackoff @ cs toronto edu
History: 2011-05-07: received
Short URL: https://ia.cr/2011/214
License: Creative Commons Attribution (CC BY)

BibTeX

@misc{cryptoeprint:2011/214,
      author = {Charles Rackoff},
      title = {On ``identities'', ``names'', ``{NAMES}'', ``{ROLES}'' and Security: A Manifesto},
      howpublished = {Cryptology {ePrint} Archive, Paper 2011/214},
      year = {2011},
      url = {https://eprint.iacr.org/2011/214}
}