[tahoe-dev] usage of key file or smart card?
david-sarah at jacaranda.org
Mon Nov 23 01:25:25 UTC 2009
Zooko Wilcox-O'Hearn wrote:
> On Saturday, 2009-11-21, at 23:20 , David-Sarah Hopwood wrote:
>> It is really 128-bit.
> You can see that by the fact that it generates 16-byte (128-bit)
> encryption keys here:

Oh, but I'm not considering the effects of convergent encryption;
perhaps we should be more careful about calling that
"really 128-bit", although it should be equivalently secure
against attackers who do not know the convergence secret.

Tahoe can encrypt files in two modes, convergent and random-key.
It always encrypts mutable files (which are used to implement
directories) with random keys. It can encrypt immutable files
(typically, up to now, all non-directory files) in either mode,
but uses convergent encryption by default.

So, random-key encryption is really 128-bit. Convergent encryption
is 128-bit with the caveat that an attacker can confirm a guess for
the file contents if they know the "convergence secret". See

David-Sarah Hopwood ⚥ http://davidsarah.livejournal.com
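
The caveat described in the message above, as an added example that is not part of the original post and is not Tahoe's own code. It assumes HMAC-SHA256 truncated to 16 bytes as a stand-in key derivation; `storage_tag`, `confirm_guess` and all sample values are hypothetical and constructed for illustration.

```python
import hashlib
import hmac
import os

KEY_BYTES = 16  # 128-bit keys, as discussed in the message


def random_key() -> bytes:
    """Random-key mode: the key is independent of the file contents."""
    return os.urandom(KEY_BYTES)


def convergent_key(convergence_secret: bytes, plaintext: bytes) -> bytes:
    """Convergent mode (stand-in derivation, not Tahoe's): keyed hash of the contents."""
    digest = hmac.new(convergence_secret, plaintext, hashlib.sha256).digest()
    return digest[:KEY_BYTES]


def storage_tag(key: bytes) -> bytes:
    """Hypothetical value derived from the key that an observer of storage can see."""
    return hashlib.sha256(b"tag:" + key).digest()[:KEY_BYTES]


def confirm_guess(secret: bytes, guess: bytes, observed_tag: bytes) -> bool:
    """True if `guess` encrypted under `secret` would produce the observed tag."""
    candidate = storage_tag(convergent_key(secret, guess))
    return hmac.compare_digest(candidate, observed_tag)


def demo() -> dict:
    # All values below are constructed sample data.
    secret = b"constructed-convergence-secret"
    other_secret = b"some-other-secret"
    stored = b"salary: 52000\n"
    guesses = [b"salary: 51000\n", b"salary: 52000\n", b"salary: 53000\n"]

    convergent_tag = storage_tag(convergent_key(secret, stored))
    random_tag = storage_tag(random_key())
    return {
        # Knowing the convergence secret lets a guess be confirmed.
        "knows_secret": [g for g in guesses if confirm_guess(secret, g, convergent_tag)],
        # Without the secret, no guess can be confirmed.
        "lacks_secret": [g for g in guesses if confirm_guess(other_secret, g, convergent_tag)],
        # Random-key mode gives nothing to confirm against, even with the secret.
        "random_key_mode": [g for g in guesses if confirm_guess(secret, g, random_tag)],
    }


if __name__ == "__main__":
    for case, confirmed in demo().items():
        print(case, confirmed)
```

The practical consequence is that the convergence secret has to be treated as confidential wherever the contents of convergently encrypted files are guessable.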