Hi,
For the first question: I understand that the private indices obfuscate the
usernames. But when computing an index i for a username u, the CONIKS
server will see u in plaintext rather than hashed or encrypted results of u
(correct me if I'm wrong). In this case, a CONIKS server controlled by
Hi,
I think Ismail was trying to answer your first question when he described the
private indices in the CONIKS key directories. What these private indices do,
in other words, is obfuscate the usernames in the directory, so an attacker who
breaks into the server cannot see the usernames
Hi,
Thanks for you quick reply. I still have few questions:
1. If one CONIKS server has been compromised, and I happen to register to
this server; I guess the server can see my username in this case, right?
2. I found the ticket https://trac.torproject.org/projects/tor/ticket/17961.
The answer
