[cryptography] Secure Remote Password (SRP) and Plaintext Emil Address

Jim Fenton fenton at bluepopcorn.net
Fri Oct 19 15:09:01 EDT 2012

On 10/18/12 11:45 PM, James A. Donald wrote:
> On 2012-10-19 11:47 AM, Nico Williams wrote:
>> Lack of client ID privacy protection can lead to some attacks such as
>> password guesses based on the ID or knowledge of the person that ID is
>> for.  If you were working for a spy agency (say), you'd definitely
>> want priv. prot. for the client ID!
> If the attacker knows the email address, can identify the user - who
> is very likely using the same password for his porn account, etc.
> Attacker intercepts porn account using firesheep, and ... he is in.

That problem isn't limited to use of email address as an identifier.
People like to use the same identifiers (if they can get them), even if
they're not email addresses, in multiple places. If you're concerned
about identifier confidentiality or ability of sites to collude, you
probably need to be thinking about protocols that have directed identity
(unique identifier per site) properties.

More information about the cryptography mailing list