[tahoe-dev] [tahoe-lafs] #750: deterministic IV for writecaps for dir entries
tahoe-lafs
trac at allmydata.org
Sun Jul 12 07:24:09 PDT 2009
#750: deterministic IV for writecaps for dir entries
-------------------------------+--------------------------------------------
Reporter: zooko | Owner:
Type: enhancement | Status: reopened
Priority: major | Milestone: 1.5.0
Component: code-dirnodes | Version: 1.4.1
Resolution: | Keywords: confidentiality
Launchpad_bug: |
-------------------------------+--------------------------------------------
Comment(by zooko):
By the way, a more traditional way to do something like this ''would'' be
to use the same key (the one for the dir) to encrypt each entry and use a
unique IV for each entry. We are in the habit of instead generating a
unique key for each thing we want to encrypt and typically just leaving
the IV at 0, which seems fine to me, too.
Your proposed fix is in the latter tradition. Please hurry up and commit
it so that nobody uses trunk to write directories insecurely!
--
Ticket URL: <http://allmydata.org/trac/tahoe/ticket/750#comment:7>
tahoe-lafs <http://allmydata.org>
secure decentralized file storage grid
More information about the tahoe-dev
mailing list