On Wed, Jul 11, 2012 at 7:08 PM, Zooko Wilcox-O'Hearn <[email protected]> wrote: > I've been thinking about this more, including re-reading BenL's post > to tahoe-dev. I was inspired by hearing that Tahoe-LAFS's use case had > been discussed at the recent "Directions in Authenticated Ciphers" > workshop: > > http://hyperelliptic.org/DIAC/ > > I've decided that I wasn't really on the right track to say > "Authenticated Encryption is useless for Tahoe-LAFS use cases", and > instead I should say "We need *public key* Authenticated Encryption > instead of *symmetric key* Authenticated Encryption for Tahoe-LAFS use > cases". > > • symmetric-key Authenticated Encryption = Message Authentication Code + > cipher
Strictly, MAC + cipher is just one way to satisfy the requirements of AE. > • "signcryption" = digital signature + public key encryption > > • Tahoe-LAFS mutable = digital signature + cipher > > • Tahoe-LAFS immutable = data identified by its secure hash + cipher Cool. So, I think you'd have to define AE differently for a public key version, but it seems totally doable. Maybe it is already defined? I haven't seen it if so. _______________________________________________ tahoe-dev mailing list [email protected] https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev
