[tahoe-dev] idea for a research project: policy-based convergent encryption with least authority file system

[Rohit Mehta]

Hi everyone, as a research project I was thinking I might be able to
work on a project related to LAFS, become more familiar with some of
the code-base and hopefully make a contribution which might be be
useful towards this project.

My idea would be to implement some sort of policy based convergent
encryption to help maximize deduplication without unnecessarily
increasing the risk of "Confirmation of File" attacks. I am far from
an expert in LAFS, but hopefully I will still be able to do some
valuable work.

I heard it mentioned that every user has a secret key which used as an
additional secret to protect their data, so users can only deduplicate
their own data.  However if a user is storing some data and they don't
care about "confirmation of file" attacks (for instance freely
downloadable PDFs), then they can zero out their key.  Additionally if
an organization (or any group of individuals who trust each other)
wants to deduplicate data within the organization (and be subject to
intra-organizational risks but not extra-organizational risks) then
that could be another convergent encryption policy.

I can only imagine 3 types of convergent encryption policies.  Might
there be more?  I think it would be possible to set policies as an
option when creating files via FUSE (via extended attributes), the
tahoe command line or via web-GUI, but probably not via sftp-FUSE.

As I'm a newb when it comes to most of this work, I'm curious what
other think. I'm hopeful I'll be able to contribute something to a
great project.

Thanks,

Rohit