status-im/wiki.status.im
2
0
Fork 0
mirror of https://github.com/status-im/wiki.status.im.git synced 2025-02-24 10:08:31 +00:00
Code Issues Projects Releases Wiki Activity
wiki.status.im/proposals/contact-sharing/index.html

323 lines
12 KiB
HTML
Executable File
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<link rel="canonical" href="https://wiki.status.im/proposals/contact-sharing/">
<link rel="shortcut icon" href="../../img/favicon.ico">
<title>Contact Sharing (WIP) - Status Wiki</title>
<link href="../../css/bootstrap-custom.min.css" rel="stylesheet">
<link href="../../css/font-awesome-4.5.0.css" rel="stylesheet">
<link href="../../css/base.css" rel="stylesheet">
<link rel="stylesheet" href="../../css/highlight.css">
<link rel="stylesheet" href="../../css/custom.css">
<!-- HTML5 shim and Respond.js IE8 support of HTML5 elements and media queries -->
<!--[if lt IE 9]>
<script src="https://oss.maxcdn.com/libs/html5shiv/3.7.0/html5shiv.js"></script>
<script src="https://oss.maxcdn.com/libs/respond.js/1.3.0/respond.min.js"></script>
<![endif]-->
<script src="../../js/jquery-1.10.2.min.js"></script>
<script src="../../js/bootstrap-3.0.3.min.js"></script>
<script src="../../js/highlight.pack.js"></script>
<script>
(function(i,s,o,g,r,a,m){i['GoogleAnalyticsObject']=r;i[r]=i[r]||function(){
(i[r].q=i[r].q||[]).push(arguments)},i[r].l=1*new Date();a=s.createElement(o),
m=s.getElementsByTagName(o)[0];a.async=1;a.src=g;m.parentNode.insertBefore(a,m)
})(window,document,'script','//www.google-analytics.com/analytics.js','ga');
ga('create', 'UA-79146816-1', 'wiki.status.im');
ga('send', 'pageview');
</script>
</head>
<body>
<div class="navbar navbar-default navbar-fixed-top" role="navigation">
<div class="container">
<!-- Collapsed navigation -->
<div class="navbar-header">
<!-- Expander button -->
<button type="button" class="navbar-toggle" data-toggle="collapse" data-target=".navbar-collapse">
<span class="sr-only">Toggle navigation</span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
<span class="icon-bar"></span>
</button>
<a class="navbar-brand" href="../.."></a>
</div>
<!-- Expanded navigation -->
<div class="navbar-collapse collapse">
<!-- Main navigation -->
<ul class="nav navbar-nav">
<li >
<a href="../..">Welcome</a>
</li>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown">Getting Started <b class="caret"></b></a>
<ul class="dropdown-menu">
<li >
<a href="../../getting-started/mission-and-core-values/">Mission & Core Values</a>
</li>
<li >
<a href="../../getting-started/user-guide/">User Guide</a>
</li>
<li >
<a href="../../getting-started/faq/">FAQ</a>
</li>
<li >
<a href="../../getting-started/code-of-conduct/">Code of Conduct</a>
</li>
<li >
<a href="../../contributing/development/introduction/">Developer Introduction</a>
</li>
<li >
<a href="../../community/how-to-grow-our-community/">Grow our Community</a>
</li>
</ul>
</li>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown">Contributing <b class="caret"></b></a>
<ul class="dropdown-menu">
<li class="dropdown-submenu">
<a href="#">Developers</a>
<ul class="dropdown-menu">
<li >
<a href="../../contributing/development/introduction/">Introduction</a>
</li>
<li >
<a href="../../contributing/development/building-status/">Building Status</a>
</li>
<li >
<a href="../../contributing/development/adding-dapps/">Adding DApps</a>
</li>
</ul>
</li>
<li >
<a href="../../contributing/design-guidelines/">Design Guidelines</a>
</li>
<li >
<a href="../../contributing/testing-and-feedback/">Testing & Feedback</a>
</li>
<li >
<a href="../../contributing/documenting/">Documenting</a>
</li>
<li >
<a href="../../contributing/outreach/">Outreach</a>
</li>
<li >
<a href="../../contributing/translations/">Translations</a>
</li>
</ul>
</li>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown">Community <b class="caret"></b></a>
<ul class="dropdown-menu">
<li >
<a href="../../community/how-to-grow-our-community/">Grow our Community</a>
</li>
<li >
<a href="../../community/slack/">Slack</a>
</li>
<li >
<a href="../../community/newsletter/">Newsletter</a>
</li>
<li >
<a href="../../community/blog/">Blog</a>
</li>
<li >
<a href="../../community/tell-a-friend/">Tell a Friend</a>
</li>
</ul>
</li>
<li class="dropdown active">
<a href="#" class="dropdown-toggle" data-toggle="dropdown">Proposals <b class="caret"></b></a>
<ul class="dropdown-menu">
<li >
<a href="../commiteth/">Commiteth (WIP)</a>
</li>
<li class="active">
<a href="./">Contact Sharing (WIP)</a>
</li>
<li >
<a href="../chat-api/">Chat API (WIP)</a>
</li>
<li >
<a href="../discover/">Discover (WIP)</a>
</li>
<li >
<a href="../messaging/">Status Messaging (WIP)</a>
</li>
<li >
<a href="../erc20-exchange/">Exchange (WIP)</a>
</li>
<li >
<a href="../sticker-market/">Sticker Market (WIP)</a>
</li>
<li >
<a href="../visual-programming/">Visual Programming (WIP)</a>
</li>
<li >
<a href="../moments/">Moments (WIP)</a>
</li>
</ul>
</li>
<li class="dropdown">
<a href="#" class="dropdown-toggle" data-toggle="dropdown">License <b class="caret"></b></a>
<ul class="dropdown-menu">
<li >
<a href="../../licenses/mpl2/">MPL2</a>
</li>
<li >
<a href="../../licenses/lgpl-v3.0-static/">LGPLv3-static</a>
</li>
</ul>
</li>
<li class="repo-link">
<a href="https://github.com/status-im/wiki.status.im/" target="_blank">
<i class="fa fa-github"></i>GitHub
</a>
</li>
<li class="search-link">
<a href="#" data-toggle="modal" data-target="#mkdocs_search_modal">
<i class="fa fa-search"></i>
</a>
</li>
</ul>
</div>
</div>
</div>
<div class="container">
<div class="col-md-3"><div class="bs-sidebar hidden-print affix well" role="complementary">
<ul class="nav bs-sidenav">
<li class="main active"><a href="#contact-sharing">Contact Sharing</a></li>
</ul>
</div></div>
<div class="col-md-9" role="main">
<div style="text-align: right;">
<a href="https://github.com/status-im/wiki.status.im/edit/master/docs/proposals\contact-sharing.md">Edit this page</a>
</div>
<h1 id="contact-sharing">Contact Sharing</h1>
<p>basic idea is to hash the pair of phone numbers (me, other) so that there are many collisions and then publish this (plausible deniable, because of collisions). and the contact your friend out of band if there is a hash that could be a match (which it is most likely not).</p>
<p>General problem:
 - Data is readable by anyone
 - The problem is not so much, that the server must not learn the contacts, but  that
     - no one must learn them, while all data is public</p>
<p>Alice announces its connection with Bob by:</p>
<ul>
<li>calculating H(A_phone_number + B_phone_number) </li>
<li>applying costly scrypt or PBKDF2 hashing to derive H'</li>
<li>truncating H to a low number of bits H'', so that collisions are likely</li>
<li>publicly registers its unique pubkey_alice_bob for  H''</li>
</ul>
<p>Notes so far:
- rainbow tables of 10^10^2 size (i.e. all phone number combinations) are impractical
- calculating all combinations is prohibitively costly
- collisions of H allow plausible deniability
- Problem: an adversary can impersonate Alice, need spam protection (PoW) here</p>
<p>Bob wants to know if Alice is participating in the network:
- Bob calculates H(A_phone_number + B_phone_number)
- Bob generates H and H'
- for all matching entries for H (including the one generated by Alice)
 - Bob encrypts truncated H(mobile_bob) for pubkey_alice_bob
 - and sends the message to Alice inbox on the server
 - Alice loads and decrypts the message
 - Alice can match  truncated H(mobile_bob) in hear contact list with a very low false positive rate
 - if Alice thinks she knows Bob, she might reply out of band</p>
<p>Notes:
- Bob can still plausibly deny that he knows Alice
- Bob can still plausibly deny that he participates in the system
- add some proof of work or similar for spam protection</p>
<p>This is hard against:
- Leaking users contact lists
- An adversary with a hypothesis about a connection can learn bobs phone number though</p>
<p>Limitations:
- New users (Bob) wont see others directly
- Existing users (Alice) need to invite Bob
- Quite some computation and communication overhead
 - ~ 500 x 10 messages send
 - 2x key pairs to remember for each</p>
<p>The Difficulty Of Private Contact Discovery
https://whispersystems.org/blog/contact-discovery/
https://news.ycombinator.com/item?id=7007554
https://news.ycombinator.com/item?id=11288169
https://news.ycombinator.com/item?id=11289223</p>
<p>Lame solution which is prone to rainbow table attacks.
https://github.com/SilentCircle/contact-discovery</p></div>
</div>
<footer class="col-md-12">
<hr>
<p>Documentation built with <a href="http://www.mkdocs.org/">MkDocs</a>.</p>
</footer>
<script>var base_url = '../..';</script>
<script data-main="../../mkdocs/js/search.js" src="../../mkdocs/js/require.js"></script>
<script src="../../js/base.js"></script><div class="modal" id="mkdocs_search_modal" tabindex="-1" role="dialog" aria-labelledby="Search Modal" aria-hidden="true">
<div class="modal-dialog">
<div class="modal-content">
<div class="modal-header">
<button type="button" class="close" data-dismiss="modal"><span aria-hidden="true">&times;</span><span class="sr-only">Close</span></button>
<h4 class="modal-title" id="exampleModalLabel">Search</h4>
</div>
<div class="modal-body">
<p>
From here you can search these documents. Enter
your search terms below.
</p>
<form role="form">
<div class="form-group">
<input type="text" class="form-control" placeholder="Search..." id="mkdocs-search-query">
</div>
</form>
<div id="mkdocs-search-results"></div>
</div>
<div class="modal-footer">
</div>
</div>
</div>
</div>
</body>
</html>
Reference in New Issue View Git Blame Copy Permalink