On 06/05/2019 14:53, Jeff Allen wrote: > It would be more trivial not to hash the number and say you did.
I think it's a worthwhile thing to point out that they state "because hash functions are one-way functions, it is impossible to derive your phone number [...]" without reservations, but that this is a false sense of security. It is a very limited part of the complete picture, which is that a Dutch mobile phone number has only 8 varying digits, meaning an entropy of less than 27 bits, cryptographically laughable. And that an adversary might not even be interested in reversing the hash at all, but just to verify that the phone number of their target has been used to set up a ProtonMail account. With passphrase hashing, the passphrase should be secret. There's nothing secret about a phone number or e-mail address. That completely changes the picture. For me, it's not so much that I question their methods, it's that I question their claims. Blanketly stating "it is impossible to derive your phone number" sounds like security theater to me, and they should be aware of that if they are the least bit competent. That doesn't sit well. I don't expect most of their clients to see through this theater. It is their job to be open and honest about the consequences of their methods, so their clients can make an informed choice whether they will go through with it or not. My 2 cents, Peter. -- I use the GNU Privacy Guard (GnuPG) in combination with Enigmail. You can send me encrypted mail if you want some privacy. My key is available at <http://digitalbrains.com/2012/openpgp-key-peter>
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
