Bob is launching a new secure messaging app BobCrypt When Al

Bob is launching a new secure messaging app, BobCrypt. When Alice installs the app, it creates an account for her on the BobCrypt server using a hash of her phone number. The app then queries the server by sending the hash of each phone number in Alice's address book to learn which of Alice's friends already have BobCrypt accounts. The goal is that users can discover their friends' accounts without the server learning the contents of every user's address books.

a. Explain why this scheme does not achieve the intended security goal. How can Bob act maliciously to determine the phone numbers and contacts of all BobCrypt users?

b. After you tell Bob that a simple hash is a binding commitment, but does not hide the committed value, he decides to use a common construction for hiding commitments in BobCrypt 2.0. The app now uploads H(phone number, r) where r is a random 128-bit nonce chosen by the app. Explain to Bob why it is not possible to provide the intended functionality using this approach.

Solution

a) This scheme does not reach the intended security goal as the hash of each function used is not hiding the committed value. Here Bob is acting maliciously to determine the phone numbers and contacts of all BobCrypt users as the app is reading all the contacts saved in the phone without even taking the permission of the user. In other words, the data of one's phone is transferred to the server without providing any information to the user.

b) This is because the details of numbers are stored in the server with a random 128-bit value which is chosen by the app. But the fact is, the app wants to provide the information of the other people in the contact list, whether they are using the same app or not. The scenario remains the same: though the value retrieved by the server is kept with some random bits chosen, indirectly it is being revealed to the other users. So one can say the binding commitment is not kept. If the app had taken the permission of the user on whether they want to share the contacts of their phone with the server, then it could have been a different story.
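
The two statements in the question, that a plain hash does not hide the committed value and that H(phone number, r) cannot provide the discovery functionality, can be checked with the following added example, which is not part of the original question or solution. It assumes SHA-256 for H and a constructed toy number space of 10,000 candidates; all function names are hypothetical.

```python
import hashlib
import secrets

# Constructed toy number space: a fixed fictional prefix plus 4 digits
# (10,000 candidates). Real phone numbers form a larger but still small,
# structured space, which is why a plain hash does not hide them.
PREFIX = "+1555000"


def h(phone: str, nonce: bytes = b"") -> str:
    """H(phone) for BobCrypt 1.0, H(phone, r) for 2.0 (SHA-256 is an assumption)."""
    return hashlib.sha256(nonce + phone.encode()).hexdigest()


def build_reverse_table() -> dict[str, str]:
    """Hash -> phone for every candidate; the server can compute this once."""
    candidates = (f"{PREFIX}{i:04d}" for i in range(10_000))
    return {h(p): p for p in candidates}


def v1_server_view(address_book: list[str]) -> list[str]:
    """Part a: what the server learns from the hashes a 1.0 client uploads."""
    table = build_reverse_table()
    uploaded = [h(p) for p in address_book]  # all that leaves the phone
    return [table[x] for x in uploaded if x in table]


def v2_discovery(registered: list[str], address_book: list[str]) -> set[str]:
    """Part b: every upload uses a fresh 128-bit nonce r, so two hashes of
    the same number never match and the server cannot answer the query."""
    accounts = {h(p, secrets.token_bytes(16)) for p in registered}
    queries = {p: h(p, secrets.token_bytes(16)) for p in address_book}
    return {p for p, q in queries.items() if q in accounts}


if __name__ == "__main__":
    book = ["+15550001234", "+15550009876"]  # constructed sample contacts
    print("1.0 server recovers:", v1_server_view(book))
    print("2.0 friends found:  ", v2_discovery(["+15550001234"], book))
```

The first call returns the full address book in the clear; the second returns an empty set even though one contact is registered, because the hiding property and the matching property cannot both hold.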
