On Mar 31, 2008, at 6:44 AM, James A. Donald wrote:
Better still, have a limited supply of tickets that enable one to construct the convergence key. Enough tickets for all normal usage, but not enough to perform an exhaustive search. [...]

If you give the ticket issuing computers an elliptic point P, they will give you the corresponding elliptic point k*P. If, however, you ask for too many such points, they will stop responding.

This isn't a good design. It's incompatible with Tahoe's present architecture, introduces a single point of failure, centralizes the otherwise by-design decentralized filesystem, and presents a simple way to mount denial of service attacks. Finally, since the decentralization in Tahoe is part of its security design (storage servers aren't trusted), you run into the usual quis custodiet ipsos custodes problem with the ticket-issuing server that the present system nicely avoids.


Ivan Krstić <[EMAIL PROTECTED]> | http://radian.org

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to