[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#668347: RFP: d0-blind-id -- library for user identification using RSA blind signatures

Package: wnpp
Severity: wishlist
X-Debbugs-Cc: debian-devel-games@lists.debian.org

* Package name    : d0-blind-id (upstream name: d0_blind_id)
  Version         : 0.5
  Upstream Author : Rudolf Polzer <divverent@xonotic.org>
* URL             : https://github.com/divVerent/d0_blind_id
* License         : 3-clause BSD
  Programming Lang: C
  Description     : library for user identification using RSA blind

d0_blind_id is an implementation of RSA "blind signatures",
Diffie-Hellmann key exchange and Schnorr identification. It can be used
by the DarkPlaces game engine (as used in Xonotic) to perform anonymous
 registration with a central server, providing cryptographic identities
which are used in Xonotic for access control on individual game servers.

This implementation has not been audited independently, and is not
currently recommended for non-game uses.


Xonotic upstream tell me that they would prefer Xonotic to not be
packaged at all than to be packaged without d0-blind-id support.

I'm happy to co-maintain/provide advice (I maintain other libraries),
but as with Xonotic itself, I'm not willing to be the only maintainer
for something I don't use myself.

Suggested binary packages: libd0-rijndael0 (AES implementation),
libd0-blind-id0 (the rest), libd0-blind-id-dev.

Privacy implications:

According to the Xonotic developers I spoke to, registration is normally
carried out automatically, once per user of Xonotic. The centralized
Xonotic server performs a "blind signature" on a public key generated by
the user, so it knows the IP address used for registration, but not the
public key or anything else about the user's identity. Individual game
servers receive the user's public key, the blind signature, and the
"blinding factor" necessary to check that the blind signature is valid.

The use of signatures and a centralized server (rather than just having
users present an unsigned public key) seems to be intended to allow
users to be banned from a game server, in the same way server admins for
proprietary games can ban users by an identity corresponding to their
purchase (Steam ID, battle.net ID, Quake III Arena, CD-key, or
whatever). Creation of identities is rate-limited by the server.

Reply to: