[tahoe-dev] RSA slides: first draft

Zooko O'Whielacronx zookog at gmail.com
Fri Jan 15 17:47:46 UTC 2010

Wow!  Excellent work, Brian!  What great slides!

These notes very quick and sloppy because I need to do some work for
my day job now.

 * I think the fact that the concept of SIs should be omitted entirely
from the presentation.  So for example the fact that the SI is the
secure hash of the key on slide 13.

 * I suggest on slide 15 or so to change the storage servers into
logos of cloud providers a la http://allmydata.org/~zooko/RAIC.png .

On Friday, 2010-01-15, at 5:06 , Brian Warner wrote:

> And I'd really like to have a full slide on semi-private DSA keys because this could be a good chance to get some serious cryptographers interested.

I think the concept of semi-providate keys should be omitted because:

1.  I no longer have any interest in using semi-private keys for the
next version of our crypto, because:
  a.  New and untested.
  b.  Doesn't offer shorter caps than ElkPoint-type designs.
  c.  Doesn't offer more widely understandable design than Simple-type designs.
  d.  I don't see how to cascade two digital signature algorithms
together [1] using semi-private keys...  Oh wait, maybe I do.  But
items (a) through (c) still apply.  :-)

2.  This presentation isn't a way to get real peer-review of
semi-private keys from real cryptographers.  We'll have to write a
paper for a crypto conference or journal to get that.  We've already
gotten lots of informal peer-review from cryptographers (e.g. [2]),
and more of that sort is the best we could hope for from this

3.  There are other things that I would like to put in if we have time
-- deep-immutable directories, maybe something about web-integration,
maybe something about "100 year cryptography" [1].

 * Re "full mesh" technically the Tahoe-LAFS network topology (when
there aren't connectivity failures such as double-NAT) is a
"bi-clique" [3], not a "full mesh", but maybe it doesn't matter for
this presentation.

 * page 32 or so, be sure not to leave the impression that Tahoe-LAFS
doesn't have garbage collection.



[1] http://testgrid.allmydata.org:3567/uri/URI:DIR2-RO:j74uhg25nwdpjpacl6rkat2yhm:kav7ijeft5h7r7rxdp5bgtlt3viv32yabqajkrdykozia5544jqa/wiki.html#%5B%5Bcan%20we%20build%20a%20crypto%20system%20to%20last%20for%20a%20hundred%20years%3F%5D%5D
[2] http://www.mail-archive.com/cryptography@metzdowd.com/msg10660.html
[3] http://en.wikipedia.org/wiki/Complete_bipartite_graph

More information about the tahoe-dev mailing list