Let’s Refresh! Efficient and Private OpenPGP Certificate Updates

In the OpenPGP ecosystem clients can interact with the key server network to discover or fetch updates for other peoples’ keys or rather their certificates. In fact, it is recommended to regularly update the certificates in an OpenPGP keyring to get hold of information that validate or invalidate a certificate, such as new subkeys, certifications, or revocations. However, the HTTP Keyserver Protocol (HKP), which defines how to interact with the key servers, lacks a definition of a dedicated update procedure for certificates. In order to close this gap, this paper analyses the existing protocol and its shortcomings for regular certificate updates as well as the requirements in terms of frequency and size of updates. This paper explores the trade-off between privacy and efficiency and analyses multiple solutions including a trivial Private Information Retrieval (PIR) and a k-anonymous protocol. The data set for the investigation is obtained from the key server network currently deployed in the OpenPGP ecosystem and the proposed protocol maintains compatibility with the existing HKP in order to foster adoption of the proposed amendments.