Wasn't there an idea to have a separate encrypted user store with a key that is only in ram? When a person turns off their node or computer the user store is essentially unreadable and would be erased on next start-up? Locally requested content would only be kept there.
On 9/22/05, Matthew Toseland <toad at amphibian.dyndns.org> wrote: > On Thu, Sep 22, 2005 at 10:39:33PM +0100, Volodya Mozhenkov wrote: > > Matthew Toseland wrote: > > >That's not the point. We already intend to make HTL=0 attacks > > >infeasible, and they go well beyond datastore probing (think social > > >engineering with NIM forms, Frost posts; put a different KSK/SSK on each > > >node). > > > > > >The point is, you can still time it, and there's no real way to beat > > >timing attacks in this area. > > > > I'm getting lost once again. First i don't understand why that is not the > > point, since if you simply not cache the data if it was requested locally, > > then if it somehow can be proven that your node has requested the block, > > and it is not in the datastore, then you were the requester; that > > compromises anonymity, not increases it. Second, i don't see what you have > > meant by the social engineering with nim/frost. > > If they bust your node and get your store, or even if they can probe it, > then they can prove what you've been downloading, with some degree of > confidence (because you have *all of it*). This is the Register attack. > This is what not caching locally requested files is working against. > -- > Matthew J Toseland - toad at amphibian.dyndns.org > Freenet Project Official Codemonkey - http://freenetproject.org/ > ICTHUS - Nothing is impossible. Our Boss says so. > > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.1 (GNU/Linux) > > iD8DBQFDMyVjHzsuOmVUoi0RAqZsAJ0Rb/rJzgZ8HKYaESAFSAcJMS7COQCeLrp2 > pDugYQwgz0ePU/SiEtskKyw= > =rcwT > -----END PGP SIGNATURE----- > > > _______________________________________________ > Support mailing list > Support at freenetproject.org > http://news.gmane.org/gmane.network.freenet.support > Unsubscribe at http://dodo.freenetproject.org/cgi-bin/mailman/listinfo/support > Or mailto:support-request at freenetproject.org?subject=unsubscribe > > -- I may disagree with what you have to say, but I shall defend, to the death, your right to say it. - Voltaire
