[tahoe-dev] two reasons not to use semi-private keys in our new cap design
Shawn Willden
shawn-tahoe at willden.org
Fri Jul 17 04:09:04 UTC 2009
On Thursday 16 July 2009 09:20:31 pm Zooko O'Whielacronx wrote:
> However, I really don't think we should rely on semi-private keys in
> our next cap design. There is no formal proof of their security,
> they've never been officially peer reviewed by cryptographers in a
> journal or conference, they are a new idea and almost all
> cryptographers on the planet have never heard of them.
I agree. I was only able to find a way to reduce the security by one or two
bits, but I'm just a wannabe. The idea *seems* like it should be solid,
but...
Maybe you should publish it and then think about including it in Tahoe 3.0.
> Note: I haven't yet published my idea for how to achieve "only one
> crypto value" by compressing together the read key and the verify
> hash.
Get with it, man! It's like you have a job or something!
;-)
Shawn.
More information about the tahoe-dev
mailing list