For most message platforms, usually the first thing users will do after creating an account is to start adding people to their contact list, a process commonly known as Contact Discovery (CD). In fact, for many platforms, adding someone to your contact list is a necessary prerequisite to be able to talk to them. This is especially true for end-to-end secure platforms, like Wickr. That’s because for these platforms, adding an account to your contact list also entails obtaining the initial cryptographic key material for the account, a critical step in establishing a secure communication channel.

Contact Discovery can be difficult though. After all, before I’m even able to message someone I already need to be able to come up with their account name so I can add it to my contact list. To help overcome this hurdle, many platforms allow users to piggyback on their external address book.

So, if we are willing to forget about privacy for a moment, then here’s a “basic method” I use for bootstrapping CD: first, I simply upload my entire address book (e.g., the one stored on my phone or in my email client) to the messaging platform’s CD server. Next, the server goes through all the email addresses, phone numbers, names, and/or other personally identifying information. For each entry, it checks if it matches an existing account in the platform’s account database. For example, I might already have a phone number in my address book already associated with some existing account. Finally, it notifies me of any matches so I can add those to my contact list.

Unfortunately, this basic approach has pretty glaring privacy issues as it requires users to reveal the entire contents of their address book to the platform’s CD server. Indeed, one of the greatest challenges when designing a CD mechanism is to build a system that provides the same functionality as this basic approach but that simultaneously also provides the following:

1. The CD server should learn nothing about any entries in my address book that do not match an existing account.
2. The process should provide some mechanism for the platform to limit the rate at which I can test for existing accounts.
3. The process should require only a reasonable amount of time to complete, even on a device with limited CPU power, memory, bandwidth, or data transfer limits. Similarly, the server’s resource load needs to be kept within reason so that it doesn’t become a bottleneck during multiple concurrent CD sessions.

The first property is basically about protecting people’s metadata. After all, who I know can often be at least as critical data as what I am saying. If I’m part of a network of political activists operating under an oppressive regime, the mere fact that I know other activists may be incriminating enough to have serious consequences for me. To make matters worse, the basic method for performing CD actually leaks all users’ address books to the same central entity (namely the CD server), making this an extremely valuable target for compromise attacks by interested third parties.

The second property is really also about protecting users’ privacy, e.g. Having an enforceable rate limit can significantly raise the cost and time required to perform such attacks. Moreover, it turns out that, in practice, this is a real concern and the lack of such rate limits has been effectively used in attacks. For instance, the Rocket Kitty APT group used it to de-anonymize 15 million Iranian Telegram users by rapidly enumerating all Iranian phone numbers using the Telegram CD API.