Twitter acquired Threader! Learn more

Sarah Jamie Lewis
+ Your AuthorsArchive @SarahJamieLewis Executive Director @OpenPriv. Cryptography and Privacy Researcher. @cwtch_im icyt7rvdsdci42h6si2ibtwucdmjrlcb2ezkecuagtquiiflbkxf2cqd Aug. 12, 2021 1 min read

As an appendix/follow up to my previous article (a probabilistic analysis of the high level operation of a system like the one that Apple has proposed) here are some thoughts / notes / analysis of the actual protocol.

 https://pseudorandom.resistant.tech/a_closer_look_at_fuzzy_threshold_psi.html 

The previous article can be found here:

Honestly I think the weirdest thing given the intent of this system is how susceptible this protocol seems to be to malicious clients who can easily make the server do extra work, and can probably also just legitimately DoS the human-check with enough contrived matches.

i.e. Even if NeuralHash was *really* *really* good at avoiding false positives (say 3 orders of magnitude better than known-state-of-the-art), how fast do you think you could fill up a photo album of random images such that P(match) approached 1?

The actual fuzzy threshold detection is cute, although seems far too easy for malicious clients to mess with - even if recoverable, the best you can do is flag them for review and waste some cpu cycles - or tightly restrict synthetic match generation to locked down code.

But then that really gets to the heart of everything wrong with this system. To be secure and effective it requires Apple to generate all the parameters for you and to permanently control part of your device so they can use it to spy on you.

(Also all the uncountable policy decisions that you basically just have to trust and not verify )

So, I ask, what is the point of a system that Apple and governments can easily abuse, that malicious people can easily avoid or exploit and that subjects only honest clients to continuous surveillance?

(That is a rhetorical question that we all know the answer to.)

Regardless, unless there are more details from Apple this will likely be all I write on this topic for the time being.

tl;dr I stand by my initial assessment.

As a complete aside, I've enjoyed writing these 2 longer form articles and people seem to like them, so I will probably write more, hopefully on slightly less dystopian topics.


You can follow @SarahJamieLewis.



Bookmark

____
Tip: mention @threader on a Twitter thread with the keyword “compile” to get a link to it.

Follow Threader