I wonder if much of the work on secure DHT's and such is based on bad 
assumptions.  A DHT is just a key/value mapping.  There are two reasons to want 
to distribute such a thing:  To deal with high, distributed load; and because 
it's too large to store on any one node.  I contend that the second has become 
a non-problem.  The DHT uses I've seen involve at most a couple of billion 
small key/value pairs; most involve a few million at most.  Even at the high 
end, what's today a fairly small, moderately powered system can handle this 
much data with no problems.  The limitations are on QPS.  However, there are 
plenty of mundane techniques to deal with that, including replication, 
deterministic sharding, and caching.  They are all much simpler than DHT's and 
are hence less likely to have the subtle security problems that DHT's do.

Fundamentally, we're asking DHT's to solve three problems at once:  Distribute 
a map; be robust in the face of node failure; do it all securely.  Better to 
use good solutions to the individual problems and combine them than to try to 
find a way to do all at once.

I worked on data structures somewhat like DHT's back in the late 1970's (to 
implement the Linda distributed programming language on LAN's and hypercubes 
and similar networks).  Neat idea at the time, and it was fun to see it come 
back as a neat idea on a much larger scale years later; but perhaps its time is 
(again) passing.
                                                        -- Jerry

The cryptography mailing list

Reply via email to