[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Auth]My two cents
From: |
Norbert Sendetzky |
Subject: |
Re: [Auth]My two cents |
Date: |
Tue, 17 Jul 2001 15:22:22 +0200 |
On Monday 16 July 2001 15:36, you wrote:
> What about two (or more) registrars that store half of the information
> each?!
> For example, take two registrars, reg1.net and reg2.net. The user wants to
> store his profile, given as an array of bytes p[i], with these registrars
> without
> trusting any of them. This can be done by taking an array of random numbers
> r[i].
> Registrar reg1.net gets to store the array r[i], and registrar reg2.net
> gets to store the array r[i] XOR p[i]. Both registrars only see arrays of
> random numbers. In order to recreate the original profile, the client has
> to retrieve
> r[i] from reg1.net, and r[i] XOR p[i] from reg2.net, and XOR these two
> arrays
> with each other resulting in r[i]XOR r[i] XOR p[i] == p[i]. So this reduces
> the
> problem to the problem of reliably updating profile arrays at two
> registrars which can be solved by storing two generations of profile
> arrays.
I can't be sure that a few registrars combine the data to get the
information. See Doubleclick and Abacus!
With encryption this is very unlikely.
Norbert