Links

Ben Laurie blathering


MicroID

Doc Searls blogs about MicroID.

The idea is pretty simple. First prove what he calls a communication identifier, say an email address. Then you can claim any resource by putting this hash:

H(H(id)+H(resource))

on that resource. So far, so good – though not particularly original – both OpenID and Sxip use hashes in a similar way to claim ownership.

In his blog, the inventor claims:

The most exciting aspect is that it empowers end users with absolute control while fully protecting their rights and privacy.

Errr, no. Firstly, privacy is not protected at all. Anyone with a list of email addresses (or other communication identifiers) can mount a trivial dictionary attack to determine which one owns which resource, and since the hash has to be published to all and sundry on that resource, harvesting hashes is easy.

Secondly, rights are not protected: once the attacker has discerned the communication ID they can easily claim resources that are not yours. In response to this criticism Jeremie says:

…why would you point to something that someone else spoofed?

How is the relying party to know that “you” are doing the pointing? If it is to be sure, then there must be some kind of strong authentication going on before pointing occurs. MicroID doesn’t provide this. But once you have a system that does, then claiming things in a strong way is easy – e.g. just state “this URL is mine” down your strongly authenticated channel, so why are we messing about with hashes?

Seems to me MicroID is cute but ultimately not very useful.

Incidentally, cryptoplumbers out there, if you are going to sign things with hashes, there’s a known construct for doing so: the HMAC. Use it, don’t invent your own.

2 Comments

  1. I wrote about this earlier this year

    http://blogger.socsurveys.org/2008/03/microid-verifiable-really.html

    My conclusion, more or less, was to carefully read the specification, which I’ll excerpt here:

    By itself, a MicroID has no inherent meaning, since it is simply a string created from two URIs. Any entity can generate a MicroID even if it has not verified the identity of the resources associated with one or both URIs. Furthermore, a MicroID is easily copied by an entity that did not generate it. Finally, a MicroID is not digitally signed by the entity that generated it and therefore cannot be cryptographically associated with the generating entity.

    Comment by Donny Viszneki — 29 Aug 2008 @ 0:45

  2. “just state “this URL is mine” down your strongly authenticated channel, so why are we messing about with hashes?”

    MicroID provides a string to include on a web resource to prove ownership. That enables the relying party to verify that I control content at that URL. Otherwise, I could claim http://www.links.org/?p=85 or http://www.google.com/ as mine. It’s true that an authenticated way to claim a URL is also necessary.

    Comment by Dag Arneson — 30 Aug 2008 @ 4:43

RSS feed for comments on this post.

Sorry, the comment form is closed at this time.

Powered by WordPress