You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The keyshare server can sample statistics about the times a user shows credentials and track the users IP address'
The keyshare server can act as a target for Denial of Service for all IRMA users.
User Statistics
Each user has one "record" stored at the keyshare server and this record is accessed every time the user shows their credentials. Thus even a honest-but-curious server can learn when a user shows their credentials. In the worst case this can lead to time correlation attacks and break anonymity/unlinkability. Furthermore the keyshare server learns the IP address of the user.
Target for Denial of Service attacks
The keyshare server breaks decentralization of the protocol and acts as a possible target for DoS attacks which will have as a result that none of the users will be able to show their credentials.
The text was updated successfully, but these errors were encountered:
User Statistics
Each user has one "record" stored at the keyshare server and this record is accessed every time the user shows their credentials. Thus even a honest-but-curious server can learn when a user shows their credentials. In the worst case this can lead to time correlation attacks and break anonymity/unlinkability. Furthermore the keyshare server learns the IP address of the user.
Target for Denial of Service attacks
The keyshare server breaks decentralization of the protocol and acts as a possible target for DoS attacks which will have as a result that none of the users will be able to show their credentials.
The text was updated successfully, but these errors were encountered: