[tahoe-dev] [tahoe-lafs] #794: create DSA writecaps from a passphrase

tahoe-lafs trac at allmydata.org
Sat Aug 22 16:04:04 PDT 2009 

#794: create DSA writecaps from a passphrase
--------------------------+-------------------------------------------------
 Reporter:  warner        |           Owner:           
     Type:  enhancement   |          Status:  new      
 Priority:  major         |       Milestone:  undecided
Component:  code-mutable  |         Version:  1.5.0    
 Keywords:                |   Launchpad_bug:           
--------------------------+-------------------------------------------------
 once we have DSA-based mutable files, the signing keys will be
 randomly generated. It would be great if there were a way to type
 in a passphrase (or a list of words, or something memorable but
 with higher entropy than your normal password) and have tahoe
 hash that into a writecap. This would enable human-memorable
 mostly-secure rootcaps.

 (this trick only works because mutable files allow us to combine
 the confidentiality and the integrity into the same bits. For
 immutable files, this trick wouldn't give you file integrity.
 OTOH, there might be a use for a half-filecap which is derived
 from a passphrase and gives you reliability and confidentiality
 but not integrity).

 On the welcome page, next to the box where you can paste in a
 dircap, should have a box where you can type in a passphrase, and
 it will hash and redirect you to the corresponding directory.

 It might be nice to have a checksum of some sort, so people can
 tell the difference between misremembering their passphrase and
 searching for the directory on the wrong grid. Maybe the hashing
 process could also emit a 2 or 3 digit number, and users would be
 responsible for recognizing the number ("funny, it can't find my
 directory, oh but hey the computer usually tells me my checksum
 is 46 and this time it said 19, let me try retyping that"). Or
 the number could be expressed with a few goofy words, something
 easier to remember ("oh hey, it usually says
 FILIBUSTERING-NARWHAL but this time it said PACIFIST-JACKALOPE,
 let me try retyping that").

-- 
Ticket URL: <http://allmydata.org/trac/tahoe/ticket/794>
tahoe-lafs <http://allmydata.org>
secure decentralized file storage grid

More information about the tahoe-dev mailing list