[tahoe-dev] idea for a research project: policy-based convergent encryption with least authority file system

Rohit Mehta pigdog at gmail.com
Fri Mar 15 00:08:04 UTC 2013


Thanks Tony.  It sound like there might be 4 possible "dedup domains":
 world, group, individual, and directory?


On Thu, Mar 14, 2013 at 7:14 PM, Tony Arcieri <tony.arcieri at gmail.com> wrote:
> I'll toss my idea out there again: provide the option to add some random
> data to the ends of capabilities. This random data, if present would
> override the convergence secret, and the secret would be applied
> hierarchically to all subdirectories.
>
>
>
>
> On Thu, Mar 14, 2013 at 4:06 PM, Rohit Mehta <pigdog at gmail.com> wrote:
>>
>> Hi everyone, as a research project I was thinking I might be able to
>> work on a project related to LAFS, become more familiar with some of
>> the code-base and hopefully make a contribution which might be be
>> useful towards this project.
>>
>> My idea would be to implement some sort of policy based convergent
>> encryption to help maximize deduplication without unnecessarily
>> increasing the risk of "Confirmation of File" attacks. I am far from
>> an expert in LAFS, but hopefully I will still be able to do some
>> valuable work.
>>
>> I heard it mentioned that every user has a secret key which used as an
>> additional secret to protect their data, so users can only deduplicate
>> their own data.  However if a user is storing some data and they don't
>> care about "confirmation of file" attacks (for instance freely
>> downloadable PDFs), then they can zero out their key.  Additionally if
>> an organization (or any group of individuals who trust each other)
>> wants to deduplicate data within the organization (and be subject to
>> intra-organizational risks but not extra-organizational risks) then
>> that could be another convergent encryption policy.
>>
>> I can only imagine 3 types of convergent encryption policies.  Might
>> there be more?  I think it would be possible to set policies as an
>> option when creating files via FUSE (via extended attributes), the
>> tahoe command line or via web-GUI, but probably not via sftp-FUSE.
>>
>> As I'm a newb when it comes to most of this work, I'm curious what
>> other think. I'm hopeful I'll be able to contribute something to a
>> great project.
>>
>> Thanks,
>>
>> Rohit
>> _______________________________________________
>> tahoe-dev mailing list
>> tahoe-dev at tahoe-lafs.org
>> https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev
>
>
>
>
> --
> Tony Arcieri
>
> _______________________________________________
> tahoe-dev mailing list
> tahoe-dev at tahoe-lafs.org
> https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev
>



-- 
--------------------------------------------------------------------------

                      ,'``.._   ,'``.
                     :,--._:)\,:,._,.:       All Glory to
                     :`--,''   :`...';\      the HYPNO TOAD!
                      `,'       `---'  `.    http://youtu.be/zHU2RlSCdxU
                      /                 :
                     /                   \
                   ,'                     :\.___,-.
                  `...,---'``````-..._    |:       \
                    (                 )   ;:    )   \  _,-.
                     `.              (   //          `'    \
                      :               `.//  )      )     , ;
                    ,-|`.            _,'/       )    ) ,' ,'
                   (  :`.`-..____..=:.-':     .     _,' ,'
                    `,'\ ``--....-)='    `._,  \  ,') _ '``._
                 _.-/ _ `.       (_)      /     )' ; / \ \`-.'
                `--(   `-:`.     `' ___..'  _,-'   |/   `.)
                    `-. `.`.``-----``--,  .'
                      |/`.\`'        ,','); SSt
                          `         (/  (/



More information about the tahoe-dev mailing list