[tahoe-dev] [tahoe-lafs] #684: let client specify the encryption key

tahoe-lafs trac at allmydata.org
Wed Apr 22 19:18:00 UTC 2009


#684: let client specify the encryption key
---------------------------+------------------------------------------------
 Reporter:  zooko          |           Owner:            
     Type:  enhancement    |          Status:  new       
 Priority:  major          |       Milestone:  eventually
Component:  code-encoding  |         Version:  1.4.1     
 Keywords:                 |   Launchpad_bug:            
---------------------------+------------------------------------------------

Comment(by swillden):

 I think it's a little worse than just loss of confidentiality.  Since the
 storage ID is derived from the key, won't adding two files with the same
 key cause the first one to be lost?  Or will the storage servers just
 refuse to accept another share of the same SID?  If that's the case, and
 new servers have been added to the grid, it's possible that shares of the
 second file could be stored and then when the client tries to download the
 file it gets a mixture of shares from the two files... essentially losing
 both.

 Clients should only set their own encryption key if they use another
 mechanisms to ensure that a given encryption key is only used once.

-- 
Ticket URL: <http://allmydata.org/trac/tahoe/ticket/684#comment:1>
tahoe-lafs <http://allmydata.org>
secure decentralized file storage grid


More information about the tahoe-dev mailing list