-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Matthew Toseland a écrit : > SSKs are 1KB and have rather high overheads. You need to insert a bunch of > CHKs under the SSK, and to make that safe you need the CHK data to be > encrypted. But also you need it for security, because *the SSK is > predictable*!
Hello, Can we have different CHK keys for the same file ? To avoid inserting data if we know the keys before. It's for this that we have choose SSK to generate a new keypair for each file. Why SSK are predictable if you generate a new keypair for each chunk ? And generating a new keypare if you reinsert some chunk who was already inserted ? > SSKs are not practical IMHO, because they are tiny, and furthermore they are > predictable and thus can be used by an attacker just like a full reinsert > with the original key could be. CHK is more interesting if we can have keys that are not based on the content like the actual CHK. > The CHKs under the SSK would be unique yes. And you'd have to store the chunk > key somewhere. If I understand, you say that we need to encrypt the chunk with random key (how ?), then insert the encrypted chunk as CHK and then publish the key to decrypt the encrypted chunk ? We need some native support to encrypt and decrypt file easly... Any idea ? Thanks :) sich -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iQIcBAEBAgAGBQJKJ/HOAAoJEELek5QwRDhpNE4P/2NDlxwaeDu2D4ybhvPXMjA7 YpKsx/3aiF6Z7Vyxt+jOrTMs2JXnKC6GCPfQW6tqWpw3PUctUjiiM7Vvv3lmHPIE 5FdA+1UgPismLUjOwHYcOowqwJhW/qGH6OQXAgmKXFftaHUXvWd0c5bgBHbbO/P0 B3goGEemZMghzj3GzoFXE8MnuepRncPiSZb94WkqyqA+HYzQLzt9EoFJ2RoLO05a SozEqAlgltbP4LytIDTw8tUGu9gR5H31eYZNJD0wy2/EFUXIvzUBn+fAuJ8bqX2h T/3G9R4LVdTzZRTDM1kwskm5/o9OrPOumNAk7W9A1nDMhAc+65pSCnlWKP9fPfR9 vMt70/HPi9o58VJxoBxATyI9I69EwVZTs23FsBS7DM94Y8OEUI14P5saYiZPU5Rm PjE1E9uWr1WD2p/jW3bbqNRRsO3XtmuUjDNcHCZ4H39kbFMHLWYehWuNYO7UVqVW DmZVD4haFx6Qp1eyV5bubimUSsBJkZx9TutLAaiulU47WDfDOgZEcPcyUusC/5e6 dWU9yfDlhrnFhLX3LO5Rh1javRmapYqjc+4c98N7zbFuhLvxUorQIwu/pmbyOSOW qwqMo3cgypZkuyZaFUEzhFxU34d649AE3+hJHYdOmMt2wSLyxNXZziM4vIGbhKiY 0ti/kCEmyfInEVofeW81 =HjEy -----END PGP SIGNATURE----- _______________________________________________ Devl mailing list [email protected] http://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
