[tahoe-dev] “On the limits of the use cases for authenticated encryption”

Zooko Wilcox-O'Hearn zooko at zooko.com
Wed Jul 11 18:08:33 UTC 2012


I've been thinking about this more, including re-reading BenL's post
to tahoe-dev. I was inspired by hearing that Tahoe-LAFS's use case had
been discussed at the recent "Directions in Authenticated Ciphers"
workshop:

http://hyperelliptic.org/DIAC/

I've decided that I wasn't really on the right track to say
"Authenticated Encryption is useless for Tahoe-LAFS use cases", and
instead I should say "We need *public key* Authenticated Encryption
instead of *symmetric key* Authenticated Encryption for Tahoe-LAFS use
cases".

• symmetric-key Authenticated Encryption = Message Authentication Code + cipher

• "signcryption" = digital signature + public key encryption

• Tahoe-LAFS mutable = digital signature + cipher

• Tahoe-LAFS immutable = data identified by its secure hash + cipher

Regards,

Zooko


More information about the tahoe-dev mailing list