Shawn Willden wrote: > On Tuesday 15 September 2009 09:57:15 pm David-Sarah Hopwood wrote: >> <http://jacaranda.org/tahoe/mutable-addonly-elkpoint-3.svg> >> >> I'll explain it in more detail tomorrow. I dropped the ability to have >> write-only caps that do not allow reading, so only needed symmetric >> encryption. > > One thing that has confused me about your diagrams is the role of V in the > signature operation that generates "a SigC". It says that V is the "key", > which I would think means it's the signing key -- but what, then is KC_sign > for? > > What makes sense to me is that V = KC_verify and KC_sign are an asymmetric > key > pair, and that the signing operation does not really involve V. If that's > correct, I think you should move the 'key' label to the arrow from KC_sign > and remove the arrow from V.
Oops, you're right, that's a mistake in the diagram. Now fixed (at the same URLs, since this was just an error rather than a new version of the protocol). > It might also be clearer to change the label on > V to KC_verify, and eliminate the "V = KC_verify" text. It is called V in both the mutable and immutable protocols because it plays the same role in each protocol. Otherwise it would be necessary to use "KC_verify or UEBhash" when saying something that applies to both protocols. > Another relationship that perhaps should be made more clear is the > relationship between S and KR_sign. If I understand it correctly, they are > another asymmetric key pair. Yes. S = KR_verify; I didn't change its name because that would have obscured the similarity to the previous version. > However, your comment that you only need symmetric encryption for this > version > would indicate that I don't understand any of what I think I understand, > because I don't see how you can accomplish the goals of either Sig_KR or a > SigC, as I understand them, without asymmetric encryption. They use signature algorithms, which are asymmetric cryptography, but not asymmetric encryption. -- David-Sarah Hopwood ⚥ http://davidsarah.livejournal.com _______________________________________________ tahoe-dev mailing list [email protected] http://allmydata.org/cgi-bin/mailman/listinfo/tahoe-dev
