Not Your Keys, Not Your Name

Speaker: F0B74D717CDE8412A3E0D4D5F29AC8080DA8E1E0 (also known as Adam Joseph) This talk will explain the benefits of decentralized protocols which use public keys *directly* as identities, and encourage this approach for newly-designed protocols. The example familiar to the most CCC attendees is Tor [onion names](http://2gzyxa5ihm7nsggfxnu52rck2vv4rvmdlkiu3zzui5du4xyclen53wid.onion). At least [20 other protocols use this strategy](https://codeberg.org/amjoseph/not-your-keys-not-your-name) as well. This talk will briefly survey those examples and explain the benefits of this approach for *autonomy*, *decentralization*, and *ability to resist surveillance*. The main alternative to public keys is names controlled by some globally trusted party, such as US-ICANN, the DNSSEC root key, or the browser-vendors\' WebPKI appointees. This talk will explain the drawbacks of centralized alternatives.\r\n\r\nIf a protocol uses public keys as identities, it should allow users to keep their permanent private key offline. Private keys in *online* "secure elements" are not offline. Because an online device requires a network connection its physical location cannot be hidden; this means it can be seized or stolen and the keys extracted using a vulnerability like [the one recently discovered in all Yubikeys and Infineon TPMs](https://eprint.iacr.org/2024/1380). Only a small number of protocols support offline identity keys. This support cannot be added to a protocol "after the fact"; it must be included from the very beginning. This talk will encourage protocol designers to include this feature from the very beginning, and will give concrete advice ("copy SSH or Tor") on how to do it. More details can be found here: [https://codeberg.org/amjoseph/not-your-keys-not-your-name](https://codeberg.org/amjoseph/not-your-keys-not-your-name).