[tahoe-dev] Question about convergence keys
Jeremy Fitzhardinge
jeremy at goop.org
Tue Aug 12 21:58:40 PDT 2008
Brian Warner wrote:
>> I guess if you want to store a mixture of small really confidential data
>> and large semi-confidential/public data, then you'd create two nodes with
>> distinct convergence keys. Or is there some more subtle way of achieving
>> the same result?
>>
>
> Aye, that's the rub: how do you tell whether a given file is confidential or
> not, and if it is guessable or not? You might presume that large files are
> not very guessable (and use some sort of heuristic like "use a null
> convergence secret for all files larger than 2MB"), but we can think of
> several counter-examples that are large, secret, and have low-entropy (i.e.
> are guessable). Base something off the filename? But then your security
> properties depend upon how you choose to name your files.
>
> The lack of a clear+safe heuristic, coupled with experimental data showing
> that convergence did not provide a significant reduction in disk usage, led
> us to choose non-convergent uploads (i.e. randomly generated convergence
> domains) for the current tahoe release.
So, presumably if a client changes its convergence key, does it lose
access to all its previously stored content? Or does it just change the
capabilities generated when you store something?

If you're using tahoe to do a full system backup, and you need to
recover everything, what's the minimum needed to do that? Is it just
the read capability of the root of the backup tree?
J
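
The size heuristic discussed in the quoted text ("use a null convergence secret for all files larger than 2MB"), as an added example that is not part of the original message and is not Tahoe's code. The key derivation is a simplified SHA-256 sketch rather than Tahoe's actual one, and every name, secret and sample file here is constructed for illustration.

```python
import hashlib

NULL_SECRET = b""                  # shared by everyone: maximal convergence
SIZE_THRESHOLD = 2 * 1024 * 1024   # the "larger than 2MB" heuristic quoted above


def convergent_key(plaintext: bytes, convergence_secret: bytes) -> bytes:
    """Key = H(secret, content). Simplified sketch, not Tahoe's real derivation."""
    h = hashlib.sha256()
    h.update(len(convergence_secret).to_bytes(4, "big"))  # unambiguous framing
    h.update(convergence_secret)
    h.update(plaintext)
    return h.digest()[:16]


def upload_key(plaintext: bytes, client_secret: bytes, size_heuristic: bool) -> bytes:
    """Pick the secret the way the quoted heuristic would, then derive the key."""
    if size_heuristic and len(plaintext) > SIZE_THRESHOLD:
        return convergent_key(plaintext, NULL_SECRET)
    return convergent_key(plaintext, client_secret)


def converges(plaintext: bytes, secret_a: bytes, secret_b: bytes,
              size_heuristic: bool) -> bool:
    """True if two clients with different secrets end up with the same key."""
    return (upload_key(plaintext, secret_a, size_heuristic)
            == upload_key(plaintext, secret_b, size_heuristic))


# Constructed sample data: two per-client secrets and two files.
ALICE = b"A" * 32
BOB = b"B" * 32
SMALL_SECRET_FILE = b"pin=1234\n"
# Large but low-entropy: one short variable field, the rest fixed padding.
LARGE_GUESSABLE_FILE = b"salary=0042\n" + b"\x00" * (3 * 1024 * 1024)

if __name__ == "__main__":
    for name, data in [("small", SMALL_SECRET_FILE), ("large", LARGE_GUESSABLE_FILE)]:
        print(name,
              "heuristic:", converges(data, ALICE, BOB, size_heuristic=True),
              "per-client secret:", converges(data, ALICE, BOB, size_heuristic=False))
```

Under the heuristic the large file gets the same key on both clients even though its only variable part is a short field, which is the large, secret, low-entropy counter-example the quoted text describes.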