[tahoe-dev] cleversafe says: 3 Reasons Why Encryption is Overrated

Jason Resch jresch at cleversafe.com
Mon Jul 27 00:36:38 PDT 2009


On Jul 26, 2009, at 12:11 AM, james hughes wrote:

    On Jul 24, 2009, at 9:33 PM, Zooko Wilcox-O'Hearn wrote:

        [cross-posted to tahoe-... at allmydata.org and cryptography at metzdowd.com ]

        Disclosure: Cleversafe is to some degree a competitor of my Tahoe-LAFS project.

    ...

        I am tempted to ignore this idea that they are pushing about encryption being overrated, because they are wrong and it is embarrassing.

    The trick is cute, but I argue largely irrelevant. What follows is a response to this web page that can probably be broadened to be a criticism of any system that claims security and also claims that key management of some sort is not a necessary evil....

> It seems to me there's a much simpler critique. The Cleversafe approach - which is not without its nice points - solves the "key management problem" in exactly the same way that some version of Windows solved the "frequent General Protection Fault crashes" problem (by eliminating the error message).


Eliminating the error message amounts to ignoring the problem while sweeping it there under the rug, which I don't think is an accurate representation of how this technique handles key management.  This technique provides a genuine method for achieving a high degree of security without the need for a key management system.  James Hughes, who posted earlier in this thread, referenced a paper which explores this topic in greater detail: http://www.ssrc.ucsc.edu/Papers/storer-usenix07.pdf.  Cleversafe's method has the same confidentiality advantages as POTSHARDS yet we achieve much greater storage efficiency than is possible using an information-theoretically secure secret sharing scheme, as POTSHARDS does.  While one may object to the fact that Cleversafe's technique requires multiple secure locations for slices to be stored, this problem always existed for geo-dispersal.  When Cleversafe first began, the design did not have the feature of AONT; the benefits of dispersal alone (increased reliability, availability and efficiency in storage) were strong enough a motivation to pursue this model for data storage.
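
Added example, not part of the original message and not Cleversafe's code: a minimal sketch of an all-or-nothing transform (AONT) followed by dispersal, in the style of Rivest's package transform. The function names, the SHA-256 counter-mode keystream standing in for a real cipher, the zero canary, and the plain striping used instead of an erasure code are all assumptions made for illustration.

```python
import hashlib
import hmac
import os

CANARY = b"\x00" * 16  # known trailer; lets unpackage detect a wrong key

def _keystream(key, n):
    # SHA-256 in counter mode: a stand-in cipher for this sketch (assumption)
    out = bytearray()
    ctr = 0
    while len(out) < n:
        out += hashlib.sha256(key + ctr.to_bytes(8, "big")).digest()
        ctr += 1
    return bytes(out[:n])

def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))

def aont_package(data):
    key = os.urandom(32)  # fresh random key, never stored separately
    body = _xor(data + CANARY, _keystream(key, len(data) + len(CANARY)))
    # The key is masked with a hash of the whole ciphertext body.
    tail = _xor(key, hashlib.sha256(body).digest())
    return body + tail

def aont_unpackage(package):
    body, tail = package[:-32], package[-32:]
    key = _xor(tail, hashlib.sha256(body).digest())
    plain = _xor(body, _keystream(key, len(body)))
    if not hmac.compare_digest(plain[-len(CANARY):], CANARY):
        raise ValueError("package incomplete or modified")
    return plain[:-len(CANARY)]

def disperse(package, n):
    # Plain striping, so all n slices are required (no erasure coding here).
    size = -(-len(package) // n)
    return [package[i * size:(i + 1) * size] for i in range(n)]

if __name__ == "__main__":
    record = b"constructed sample record " * 4  # constructed sample input
    slices = disperse(aont_package(record), 4)
    assert aont_unpackage(b"".join(slices)) == record
    slices[1] = bytes(len(slices[1]))  # one slice unavailable
    try:
        aont_unpackage(b"".join(slices))
    except ValueError as exc:
        print("recovery failed:", exc)
```

In this sketch anyone holding every slice recovers the data with no key at all, so confidentiality rests entirely on the slice locations being secured separately.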

