Network Working Group V. Birk
Internet-Draft H. Marques
Intended status: Standards Track pEp Foundation
Expires: August 26, 2018 B. Hoeneisen
Ucom.ch
Feb 22, 2018
pretty Easy privacy (pEp): Trustwords concept
draft-birk-pep-trustwords-00
Abstract
In public-key cryptography comparing the public keys' fingerprints of
the communication partners involved is vital to ensure that there is
no man-in-the-middle (MITM) attack on the communication channel.
Fingerprints normally consist of a chain of hexadecimal chars.
However, comparing hexadecimal strings is often impractical for
regular users and prone to misunderstandings.
To mitigate these challenges, this memo proposes the comparision of
trustwords as opposed to hexadecimal strings. Trustwords are common
words in a natural language (e.g., English) to which the hexidecimal
strings are mapped to. This makes the verification process more
natural.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on August 26, 2018.
Copyright Notice
Copyright (c) 2018 IETF Trust and the persons identified as the
document authors. All rights reserved.
Birk, et al. Expires August 26, 2018 [Page 1]
Internet-Draftpretty Easy privacy (pEp): Trustwords concept Feb 2018
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Terms . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
3. The Concept of Trustword Mapping . . . . . . . . . . . . . . 3
4. Example . . . . . . . . . . . . . . . . . . . . . . . . . . . 3
5. Previous work . . . . . . . . . . . . . . . . . . . . . . . . 3
6. Number of Trustwords for a language . . . . . . . . . . . . . 3
7. The nature of the words . . . . . . . . . . . . . . . . . . . 4
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 4
9. Security Considerations . . . . . . . . . . . . . . . . . . . 4
10. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 4
11. References . . . . . . . . . . . . . . . . . . . . . . . . . 4
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 5
1. Introduction
In public-key cryptography comparing the public keys' fingerprints of
the communication partners involved is vital to ensure that there is
no man-in-the-middle (MITM) attack on the communication channel.
Fingerprints normally consist of a chain of hexadecimal chars.
However, comparing hexadecimal strings is often impractical for
regular users and prone to misunderstandings.
To mitigate these challenges, this memo proposes the comparision of
trustwords as opposed to hexadecimal strings. Trustwords are common
words in a natural language (e.g., English) to which the hexidecimal
strings are mapped to. This makes the verification process more
natural.
Trustwords are used to achieve easy contact verification in pEp's
proposition of Privacy by Default [pEp] for end-to-end encryption
situations after the peers have exchanged public keys
opportunistically.
Trustwords may also be used for purposes other than contact
verification.
Birk, et al. Expires August 26, 2018 [Page 2]
Internet-Draftpretty Easy privacy (pEp): Trustwords concept Feb 2018
2. Terms
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].
3. The Concept of Trustword Mapping
4. Example
A fingerprint typically looks like:
F482 E952 2F48 618B 01BC 31DC 5428 D7FA ACDC 3F13
Its mapping to trustwords looks like:
dog house brother town fat bath school banana kite task
[[Actual mapping for English should be used here and perhaps an
example for another language.]]
Instead of the former hexadecimal string, users can compare ten
common words of their language.
5. Previous work
The basic concept of trustwork mapping has been already documented in
the past, e.g. for use in One-Time Passwords (OTP) [RFC2289] or the
PGP Word List ("Pretty Good Privacy word list" [PGPwordlist], also
called a biometric word list, to compare fingerprints.
6. Number of Trustwords for a language
Previsous proposals have the shortcoming of a limited number of
trustwords and they are usually only available in English. If the
number of trustwords is low, a lot of trustworks need to be compared,
which make a comparision somewhat cumbersome for users, i.e. leads to
degraded usability. To reduce the number of trustwords to compare,
16-bit scalars are mapped to natural language words. Therefore, the
size (by number of key--value pairs) of any key--value pair structure
MUST be 65536, the keys being the enumeration of the Trustwords
(starting at 0) and the values being individual natural language
words in the respective language.
However, the number of unique values to be used in a language may be
less than 65536. This can be addressed e.g. by using the same value
(trustword) for more than one key. However, the entropy of the
representation is slightly reduced.
Birk, et al. Expires August 26, 2018 [Page 3]
Internet-Draftpretty Easy privacy (pEp): Trustwords concept Feb 2018
Example. A Trustwords list of just 42000 words still allows for an
entropy of log_2(42000) ~= 15.36 bits in 16-bit mappings.
It is for further study, what minimal number of words (or entropy)
should be required.
7. The nature of the words
Every Trustwords list SHOULD be cleared from swearwords in order to
not offense users. This is a task to be carried out by speakers of
the respective natural lnaguage.
8. IANA Considerations
Each natural language requires a different set of trustwords. To
allow implementors for identical trustword lists, a IANA registry is
to be established. The IANA registration policy according to
[RFC8126] will likely be "Expert Review" and "Specification
Required".
An IANA registration will contain:
o language code accoring to ISO 639-3
o version number
o list of up to 65536 trustwords
The details of the IANA registry and requirements for the expert to
assess the specification are for further study.
9. Security Considerations
There are no special security considerations.
10. Acknowledgements
This work was initially created by pEp Foundation, and then reviewed
and extended with funding by the Internet Society's Beyond the Net
Programme on standardizing pEp. [bnet]
11. References
Birk, et al. Expires August 26, 2018 [Page 4]
Internet-Draftpretty Easy privacy (pEp): Trustwords concept Feb 2018
[bnet] Simao, I., "Beyond the Net. 12 Innovative Projects
Selected for Beyond the Net Funding. Implementing Privacy
via Mass Encryption: Standardizing pretty Easy privacy's
protocols", Jun 2017, .
[pEp] pEp Foundation, "pretty Easy privacy (pEp): Privacy by
Default [Internet-Draft]", Jan 2018,
.
[PGPwordlist]
Wikipedia, "PGP word list", Nov 2017,
.
[RFC1760] Haller, N., "The S/KEY One-Time Password System",
RFC 1760, DOI 10.17487/RFC1760, February 1995,
.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997,
.
[RFC2289] Haller, N., Metz, C., Nesser, P., and M. Straw, "A One-
Time Password System", STD 61, RFC 2289,
DOI 10.17487/RFC2289, February 1998,
.
[RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for
Writing an IANA Considerations Section in RFCs", BCP 26,
RFC 8126, DOI 10.17487/RFC8126, June 2017,
.
Authors' Addresses
Volker Birk
pEp Foundation
Email: vb@pep-project.org
Hernani Marques
pEp Foundation
Email: hernani.marques@pep.foundation
Birk, et al. Expires August 26, 2018 [Page 5]
Internet-Draftpretty Easy privacy (pEp): Trustwords concept Feb 2018
Bernie Hoeneisen
Ucom Standards Track Solutions GmbH
Email: bernie@ietf.hoeneisen.ch (bernhard.hoeneisen AT ucom.ch)
URI: http://www.ucom.ch/
Birk, et al. Expires August 26, 2018 [Page 6]