[tahoe-dev] choosing when to have different convergence secrets
Greg Troxel
gdt at ir.bbn.com
Wed Feb 23 17:17:11 PST 2011
I didn't find this in the FAQ, so:
Q: I understand that using a convergence secret unknown to attackers
protects me from the known file confirmation attack. But, using a
different convergence secret on each client means that the same file
will be stored mulitple times. Should I use the same convergence
secret on all of my clients, or leave them different?
Proposed answer, of which I'm not sure:
A: If your files are the same (perhaps because you rsync some of them),
using the same convergence secret will save space. The convergence
secret used by a node is less sensitive than one's rootcap, so if you
store rootcap aliases on multiple machines, there's no harm in using the
same convergence secret.
and:
Q. Do I need to save the convergence secret to be able to recover my
files? What if I change the convergence secret periodically?
A. (UNSURE!) The encryption key is encoded in the capability, so the
convergence secret is not needed to recover files. Changing it means
that new files will no longer converge, but has no other bad effects.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
URL: <http://tahoe-lafs.org/pipermail/tahoe-dev/attachments/20110223/0a9f2536/attachment.pgp>
More information about the tahoe-dev
mailing list