[tahoe-dev] two reasons not to use semi-private keys in our new cap design

Shawn Willden shawn-tahoe at willden.org
Thu Jul 16 21:09:04 PDT 2009


On Thursday 16 July 2009 09:20:31 pm Zooko O'Whielacronx wrote:
> However, I really don't think we should rely on semi-private keys in
> our next cap design.  There is no formal proof of their security,
> they've never been officially peer reviewed by cryptographers in a
> journal or conference, they are a new idea and almost all
> cryptographers on the planet have never heard of them.

I agree.  I was only able to find a way to reduce the security by one or two 
bits, but I'm just a wannabe.  The idea *seems* like it should be solid, 
but...

Maybe you should publish it and then think about including it in Tahoe 3.0.

> Note: I haven't yet published my idea for how to achieve "only one
> crypto value" by compressing together the read key and the verify
> hash.

Get with it, man!  It's like you have a job or something!

;-)

	Shawn.


More information about the tahoe-dev mailing list