[tahoe-dev] [tahoe-lafs] #604: one-shot distributed revocable forwarding slots
tahoe-lafs
trac at allmydata.org
Tue Feb 3 23:18:38 UTC 2009
#604: one-shot distributed revocable forwarding slots
---------------------------+------------------------------------------------
Reporter: warner | Owner:
Type: enhancement | Status: new
Priority: major | Milestone: undecided
Component: code-encoding | Version: 1.2.0
Keywords: revocation | Launchpad_bug:
---------------------------+------------------------------------------------
Comment(by swillden):
An effect of the multiple shares is that if Bob wants to get the secret
without tripping the opened flag, he has to subvert all of the servers.
Without that, perhaps it just happens that Alice places the secret on a
server that Bob controls. So if that server has enough information to
allow Bob to recover the secret, then he can retrieve the data and see
that the flag remains in the unopened state.
Of course, if Alice only contacts servers that Bob controls when she tries
to revoke, or if they're the only ones on-line when she checks, then it's
possible for Bob to take the secret undetectably.
By setting k high (perhaps even k = N, with large N), Alice can make
undetected retrieval hard (increasing the number of servers Bob has to
control) at the expense of making the secret less reliable. By choosing
small k, she makes the secret reliable, but undetected retrieval easier.
Interesting idea. I don't see any practical applications, but it is
interesting.
--
Ticket URL: <http://allmydata.org/trac/tahoe/ticket/604#comment:2>
tahoe-lafs <http://allmydata.org>
secure decentralized file storage grid
More information about the tahoe-dev
mailing list