[tahoe-dev] "Elk Point" design for mutable, add-only, and immutable files

Zooko Wilcox-O'Hearn zooko at zooko.com
Sat Oct 10 22:42:08 UTC 2009

I've started a matrix of ways that an immutable file cap format could  
break: http://allmydata.org/trac/tahoe/wiki/NewCaps/WhatCouldGoWrong

Unfortunately I can't conveniently replicate the data into an email  
message (except by sending HTML-formatted email, which I assume most  
of you would hate and which I don't even know how to do).

So go read this page!  http://allmydata.org/trac/tahoe/wiki/NewCaps/ 

It includes how expensive it is to brute-force each part, which show  
us how big the crypto values R and T need to be.

Also pay attention to the "what crypto property do we rely on"  
column.  I wouldn't be surprised if SHA-256's collision-resistance is  
increasingly called into question in future years.  (On the other  
hand I would be rather shocked if SHA-256's second-pre-image  
resistance were called into question in the forseeable future.)



More information about the tahoe-dev mailing list