On Jul 26, 2009, at 12:11 AM, james hughes wrote:
It seems to me there's a much simpler critique. The Cleversafe
approach - which is not without its nice points - solves the "key
management problem" in exactly the same way that some version of
Windows solved the "frequent General Protection Fault crashes" problem
(by eliminating the error message).
On Jul 24, 2009, at 9:33 PM, Zooko Wilcox-O'Hearn wrote:
[cross-posted to tahoe-...@allmydata.org and email@example.com
Disclosure: Cleversafe is to some degree a competitor of my Tahoe-
I am tempted to ignore this idea that they are pushing about
encryption being overrated, because they are wrong and it is
The trick is cute, but I argue largely irrelevant. Follows is a
response to this web page that can probably be broadened to be a
criticism of any system that claims security and also claims that
key management of some sort is not a necessary evil....
The "key management problem" comes down to: I have encrypted data
stored somewhere (where we assume attackers can access it, but not
make use of it without the key). To make that data meaningful, I need
to be able to locate the key appropriate to that data. What's a key?
It's some private information. In Cleversafe's approach, I have data
stored in pieces all over the place. To get at it, I need to know
where the pieces of some data are. That information has to be secret,
since anyone who has access to it can do the same computation and
recover the data just as I can.
Alternatively, I can rely not on the secrecy of that information, but
on the discretion of those who hold the pieces. OK, but I could have
done that with a simpler technique: Encrypt the data conventionally,
then split the key among the trusted holders. That's a tiny, and more
to the point, *fixed* overhead beyond the size of the data, which will
always beat the cleverest Reed-Solomon or erasure coding. (It also
has - if I use an appropriate mode - such nice features as random
access to small parts of the data without the need to decrypt the
whole thing first.)
Granted, Cleversafe has other nice features. But other than changing
"the key management problem" to "the secret information needed to get
at the data, which won't be used as a crypto key" problem, I don't see
how they've actually *solved* anything.
Further: If I'm only encrypting stuff for myself, there's little
reason to use multiple keys. The key management problem becomes
interesting when there is different encrypted data with different
access rights for different groups of users. It's beyond me how
Cleversafe's approach makes this easier - or harder.
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com