[tahoe-dev] What Tahoe-LAFS Reveals to an Attacker

Greg Troxel gdt at ir.bbn.com
Wed Feb 27 21:09:38 UTC 2013


"Zooko O'Whielacronx" <zookog at gmail.com> writes:

> It is helpful to phrase the question in such precise terms. Now that I
> understand it, my answer is that you basically can't protect
> information that you send to a remote host, from the owner of that
> host. I like to mentally model it as talking to a remote guy and
> telling him facts, words, numbers, and asking him to remember them and
> tell them back to you later. You can't effectively enforce any
> controls on what else that guy does with those facts, words, numbers.
> You can't prevent him from thinking about them, and you can't prevent
> him from telling them to other people.

True, but there is a place for a system that has technical controls and
also legal controls (e.g., hosting providers that agree to
nondisclosure).  Relying on that alone would be foolish, but the
provider keeping the ciphertext confidential helps.[1]

> Now, what we do in Tahoe-LAFS is, we never tell the guy the actual
> words (cleartext) that make up our files! Encrypt everything, tell him
> the ciphertext, and then don't worry about what he does with the
> ciphertext.

Mostly true, but the remote person does know the approximate size of
files, and by watching access patterns can probably reconstruct a
hierarchy of the fs, albeit with opaque names and opaque contents.
I think that's ok though, because protecting against that is very very
expensive.[2]

Note that [1] helps with [2].
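The split the two messages describe, content hidden by client-side encryption while size and access pattern remain visible to the host, as an added example that is not part of this thread or of Tahoe-LAFS itself. It models a client that encrypts before uploading and a storage server that records only opaque indexes, ciphertext and timestamps, then computes what the server operator can infer without any key. The HMAC-SHA256 counter-mode cipher, the storage-index derivation and the power-of-two padding are assumptions standing in for the real system's mechanisms; the padded variant illustrates the storage cost behind "very very expensive".

```python
"""Added model of a storage server's view of encrypted shares (not Tahoe-LAFS code).
Assumptions: an HMAC-SHA256 counter-mode stream cipher stands in for the real file
cipher, and the storage index is an opaque hash keyed by a client secret."""
import hashlib
import hmac
import os

NONCE_LEN, TAG_LEN = 16, 32
OVERHEAD = NONCE_LEN + TAG_LEN  # public constant: the server can subtract it


def _subkey(key: bytes, label: bytes) -> bytes:
    return hmac.new(key, label, hashlib.sha256).digest()


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    out, counter = bytearray(), 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC; ciphertext length is exactly len(plaintext) + OVERHEAD."""
    nonce = os.urandom(NONCE_LEN)
    body = bytes(p ^ k for p, k in zip(plaintext, _keystream(_subkey(key, b"enc"), nonce, len(plaintext))))
    tag = hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()
    return nonce + body + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, body, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(tag, hmac.new(_subkey(key, b"mac"), nonce + body, hashlib.sha256).digest()):
        raise ValueError("share tampered with or wrong key")
    return bytes(c ^ k for c, k in zip(body, _keystream(_subkey(key, b"enc"), nonce, len(body))))


def pad_to_bucket(data: bytes) -> bytes:
    """Length-hiding mitigation (assumed): 4-byte length prefix, pad to next power of two."""
    n, size = len(data) + 4, 1
    while size < n:
        size <<= 1
    return len(data).to_bytes(4, "big") + data + b"\x00" * (size - n)


def unpad(data: bytes) -> bytes:
    return data[4:4 + int.from_bytes(data[:4], "big")]


class StorageServer:
    """The remote host's view: opaque index, ciphertext bytes, and when each was touched."""
    def __init__(self):
        self.shares, self.log = {}, []  # log entries: (time, index, op)

    def put(self, index, blob, t):
        self.shares[index] = blob
        self.log.append((t, index, "put"))

    def get(self, index, t):
        self.log.append((t, index, "get"))
        return self.shares[index]


class Client:
    def __init__(self, server, pad=False):
        self.key, self.server, self.pad = os.urandom(32), server, pad  # key never leaves the client

    def index_for(self, path):
        return hashlib.sha256(_subkey(self.key, b"idx") + path.encode()).hexdigest()[:16]

    def upload(self, path, data, t):
        self.server.put(self.index_for(path), encrypt(self.key, pad_to_bucket(data) if self.pad else data), t)

    def download(self, path, t):
        data = decrypt(self.key, self.server.get(self.index_for(path), t))
        return unpad(data) if self.pad else data


# What the server operator can compute without holding any key.
def inferred_plaintext_sizes(server):
    return {idx: len(blob) - OVERHEAD for idx, blob in server.shares.items()}


def contains_cleartext(server, needle):
    return any(needle in blob for blob in server.shares.values())


def access_clusters(server, window):
    """Group reads that fall within `window` of each other: a directory fetch followed by
    its children's fetches becomes one cluster, i.e. tree shape with opaque labels."""
    reads = sorted((t, idx) for t, idx, op in server.log if op == "get")
    clusters, current, last_t = [], [], None
    for t, idx in reads:
        if last_t is not None and t - last_t > window:
            clusters.append(current)
            current = []
        current.append(idx)
        last_t = t
    return clusters + [current] if current else clusters


def simulate(pad=False):
    """Constructed scenario: one directory node with three children, read as a group."""
    server, client = StorageServer(), None
    client = Client(server, pad=pad)
    files = {"/": b"dirnode:child-a,child-b,child-c", "/a.txt": b"SECRET plan for Q2",
             "/b.txt": b"x" * 100, "/c.txt": b"y" * 1000}
    for i, (path, data) in enumerate(files.items()):
        client.upload(path, data, float(i))
    t = 100.0  # a browsing session: directory, then each child, close together in time
    for path in files:
        if client.download(path, t) != files[path]:
            raise RuntimeError("round trip failed")
        t += 0.1
    client.download("/c.txt", 500.0)  # an isolated read much later
    sizes = inferred_plaintext_sizes(server)
    return {"sizes": {p: sizes[client.index_for(p)] for p in files},
            "cleartext_visible": contains_cleartext(server, b"SECRET"),
            "clusters": [len(c) for c in access_clusters(server, window=1.0)],
            "stored_bytes": sum(len(b) for b in server.shares.values())}
```

`simulate()` reports exact plaintext lengths and a 4-then-1 access grouping even though no `SECRET` ever appears on the server; `simulate(pad=True)` collapses the sizes to bucket boundaries at the cost of extra stored bytes, while the access clusters are untouched, which is why padding alone does not close the second leak.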
