Re: authenticated anonymous communication question

From: Jason (NOSPAMperlmodules@lunkwill.org)
Date: 02/26/03


From: NOSPAMperlmodules@lunkwill.org (Jason)
Date: 25 Feb 2003 16:26:52 -0800

Paul Rubin <http://phr.cx@NOSPAM.invalid> wrote in message 7x7kbpw91q.fsf@ruckus.brouhaha.com">news:<7x7kbpw91q.fsf@ruckus.brouhaha.com>...
> Or maybe anonymous isn't the right word. I'm wondering if there's a
> standard protocol that lets Alice and Bob have a secure, authenticated
> conversation, that's anonymous in the sense that an eavesdropper or
> MITM can't tell that the conversation is between Alice and Bob (i.e.
> the attacker can't see the identity credentials). Alice and Bob are
[...]

Oblivious Signature-Based Envelopes could do this sort of thing if they each
know a group that the other belongs to (and which the attacker doesn't):

http://crypto.stanford.edu/~ninghui/abstracts/osbe.html

They can do a lot more, too, which we're still writing up.

               -J