<div dir="ltr">Something I've thought about along these lines: (optionally) including a convergence secret within the capability itself. Excluding it would give you dedup and shorter capabilities. Including it would prevent the confirmation of file/learn the remaining data attacks but make the capability longer.</div>
<div class="gmail_extra"><br><br><div class="gmail_quote">On Thu, Jan 24, 2013 at 4:51 PM, Uncle Zzzen <span dir="ltr"><<a href="mailto:unclezzzen@gmail.com" target="_blank">unclezzzen@gmail.com</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div><div><div><div><div>Hi.<br></div>I've been looking at <a href="https://www.filerock.com/" target="_blank">https://www.filerock.com/</a> and although I have some reservations (server isn't open source, reasons to believe they collect statistics - e.g. web interface has google analytics, etc.) it's still interesting as something I could tell granny: "use this, it's pretty safe" (tried this with LAE and she's still recovering :) ), so any insight about them is welcome.<br>
<br></div>Anyway - I was reading the slides about "dedupable crypto" zooko has mentioned (don't remember where, can't find url now, but here's what I think is <a href="http://eprint.iacr.org/2012/631" target="_blank">the paper</a>), and my main concern is an attacker's ability to prove I'm storing known plaintext (censored, copyrighted, etc.). The estimate of what you save from this is 50% (just charge the customers twice, case closed). What you <i>risk</i> may be jail or worse :(<br>
<br></div>Now filerock has a very trivial approach: there's a folder called "encrypted" and the rest <i>isn't</i> (and can be easily deduped).<br></div><br>At the moment - everything in Tahoe-LAFS is encrypted (ain't complainin'). In future Tahoe-LAFS releases I'd rather see a choice per file between "encrypted (default)" and "plaintext (cheaper)" than having to use "dedupable crypto", exposing myself to censorship/copyright/etc. attacks.<br>
<br></div>Just my .002BTC worth<br></div>
<br>_______________________________________________<br>
tahoe-dev mailing list<br>
<a href="mailto:tahoe-dev@tahoe-lafs.org">tahoe-dev@tahoe-lafs.org</a><br>
<a href="https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev" target="_blank">https://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev</a><br>
<br></blockquote></div><br><br clear="all"><div><br></div>-- <br>Tony Arcieri<br>
</div>