On Wed, Apr 25, 2012 at 9:27 PM, Marsh Ray ma...@extendedsubset.com wrote:
On 04/25/2012 10:11 PM, Zooko Wilcox-O'Hearn wrote:
1. the secret-oriented way: you make a MAC tag of the chunk (or equivalently
you use Authenticated Encryption on it) using a secret key known to the good
guy(s) and
I think the separate integrity tag is more general, flexible and more secure
where the flexibility is needed. Tahoe has more complex requirements and
hence needds to make use of a separate integrity tag.
I guess in general it is going to be more general, flexible if there are
separate keys
On 04/25/2012 10:11 PM, Zooko Wilcox-O'Hearn wrote:
It goes like this: suppose you
want to ensure the integrity of a chunk of data. There are at least
two ways to do this (excluding public key digital signatures):
1. the secret-oriented way: you make a MAC tag of the chunk (or
equivalently you
You'd have to ask Darren, but IIRC the design he settled on allows for
unkeyed integrity verification and repair. I too think that's a
critical feature to have even if having it were to mean leaking some
information, such as file length in blocks, and number of files, as I
look at this from an
On Wed, Apr 25, 2012 at 10:27 PM, Marsh Ray ma...@extendedsubset.com wrote:
On 04/25/2012 10:11 PM, Zooko Wilcox-O'Hearn wrote:
2. the verifier-oriented way: you make a secure hash of the chunk, and
make the resulting hash value known to the good guy(s) in an
authenticated way.
Is option 2
Also,
On Wed, Apr 25, 2012 at 10:11 PM, Zooko Wilcox-O'Hearn zo...@zooko.com wrote:
Hello Nico Williams. Nice to hear from you.
Yes, when David-Sarah Hopwood and I (both Tahoe-LAFS hackers)
participated on the zfs-crypto mailing list with you and others, I
learned about a lot of similarities
On 2012-04-26 1:11 PM, Zooko Wilcox-O'Hearn wrote:
how are we
doing? Are we winning? I don't know about you, but I consider myself
to be primarily a producer of defense technology. I'd like for every
individual on the planet to have confidentiality, data integrity, to
be able to share certain