> Also, the privacy and the finding are in direct opposition to each-other, which isn’t always a comfortable system dynamic. ... or some sort of group key sharing

Perhaps you might consider a pinsketch in the manner proposed for cryptographic biometric security. https://arxiv.org/abs/cs/0602007

I contributed to a fast implementation of the underlying algorithim: https://github.com/bitcoin-core/minisketch

With it two peers could compare their BSSID environments and learn ~nothing about each other unless they were nearly matching.

I can see how one could use it for location based key agreement for mutual authentication-- not as obvious to me how to apply it to privacy preserving location.

The latter would probably just best be accomplished by downloading the whole database, or (less optimally) using PIR to probe for the locations of single BSSIDs.

▲

vessenes 4 hours ago | parent [-]

Oooh, this is very interesting and timely. Thank you, reading it now.

Out of curiosity, what's the motivation for Bitcoin-Core? Is it comparing mempool txs?

	▲	nullc 2 hours ago \| parent [-]
		Transaction relay. Ideally nodes have lots of connections so that attackers can't so easy block transaction and block propagation and censor information. But lots of connections means lots of network bandwidth wasted relaying redundant information nodes already know about. From day one bitcoin relayed transactions by offering just their hashes and only requesting what wasn't known. But even sending hashes ends up being a lot of data in total, and the bandwidth scales with peers*transactions. Using set reconciliation changes that to more like peers+transactions. When using setrecon for authentication its important that the scheme is as close to information theoretically optimal as possible-- which makes approaches like pinsketch important. For the transaction case faster but less communications efficient methods might be better except that latency is also a consideration for Bitcoin and minimizing latency means running reconciliation often. This stresses the inefficiencies of alternative tools as well as covers up for the quadratic decode cost of pinsketch. I'm not aware of anyone using our minisketch library for authentication-ish uses but I'd be interested in seeing it.