[tahoe-dev] [tahoe-lafs] #955: use client-side storage to defend against rollback attack
tahoe-lafs
trac at allmydata.org
Sun Feb 14 21:40:59 PST 2010
#955: use client-side storage to defend against rollback attack
-------------------------------+--------------------------------------------
 Reporter:  zooko              |           Owner:
     Type:  defect             |          Status:  new
 Priority:  major              |       Milestone:  undecided
Component:  code-mutable       |         Version:  1.6.0
 Keywords:  integrity newcaps  |   Launchpad_bug:
-------------------------------+--------------------------------------------
As mentioned in
http://www.mail-archive.com/cryptography@metzdowd.com/msg10865.html ,
clients which have previously viewed a mutable file or directory could
remember the version number that they had already seen and refuse to accept
an earlier version number after that. This would prevent a rollback attack
whenever that client-side storage was carried from the first read to the next.

The client-side storage of the version numbers could be integrated with
the backupdb, which already likes to remember a few facts about files and
directories in order to optimize backups. (And eventually perhaps restores
and "mirrorings" and reads and writes as well.)
--
Ticket URL: <http://allmydata.org/trac/tahoe/ticket/955>
tahoe-lafs <http://allmydata.org>
secure decentralized file storage grid
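
Added example, not part of the ticket and not Tahoe-LAFS code: a minimal client-side store that remembers the highest version number seen for each mutable file and refuses anything older, which is the check the ticket proposes. The class and table names, the hashed key and the plain integer version number are assumptions made for illustration; the backupdb schema is not used here.

```python
import hashlib
import sqlite3


class RollbackError(Exception):
    """A version older than one this client already saw was offered."""


class VersionMemory:
    """Highest version number seen per mutable file, kept on the client.

    Hypothetical helper: table name, key derivation and integer version
    numbers are assumptions, not Tahoe-LAFS's own schema.
    """

    def __init__(self, path=":memory:"):
        # Pass a file path so the memory survives from one read to the next.
        self.db = sqlite3.connect(path)
        self.db.execute(
            "CREATE TABLE IF NOT EXISTS seen_versions "
            "(file_key TEXT PRIMARY KEY, version INTEGER NOT NULL)"
        )

    @staticmethod
    def _key(file_id):
        # Store only a digest so the database never holds the identifier.
        return hashlib.sha256(file_id.encode("utf-8")).hexdigest()

    def highest_seen(self, file_id):
        row = self.db.execute(
            "SELECT version FROM seen_versions WHERE file_key = ?",
            (self._key(file_id),),
        ).fetchone()
        return row[0] if row else None

    def accept(self, file_id, version):
        """Record `version` and return it; raise RollbackError if older."""
        seen = self.highest_seen(file_id)
        if seen is not None and version < seen:
            raise RollbackError(f"offered version {version}, already saw {seen}")
        with self.db:  # commit the new high-water mark as one transaction
            self.db.execute(
                "INSERT OR REPLACE INTO seen_versions (file_key, version) "
                "VALUES (?, ?)",
                (self._key(file_id), version),
            )
        return version
```

The first version seen for a file is accepted as is, and a client that loses the database starts over, so the protection holds only while the stored record is carried between reads.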