[tahoe-dev] Global deduplication of encrypted files

Peter Secor secorp at gmail.com
Fri May 6 08:35:20 PDT 2011


Just as a data point, on the production grid, we did set the same
convergence keys and shipped a pre-built Windows installation also with the
same key by default. The end user could override it if they wanted, but most
did not.
Ps
On May 6, 2011 3:09 AM, "Francois Deppierraz" <francois at ctrlaltdel.ch>
wrote:
> Hi Kenny,
>
> Le 05. 05. 11 23:21, Kenny Taylor a écrit :
>
>> Wuala seems to use the method SpiderOak cautions against. When a user
>> tries to upload a file, the client app encrypts it, hashes it, and asks
>> the network if an encrypted file already exists with the same hash. If
>> so, the existing file is linked into the user's account (no upload
>> needed!). It's a neat concept, but it has one big disadvantage: the
>> network can see each user who is sharing a file with a given hash.
>
> By default, Tahoe-LAFS uses a "convergence secret" which is randomly
> generated on the client at first run. If you'd like to have file
> deduplication between multiple clients (and understand the security
> risks), then you'd have to manually set the same convergence secret on
> each client.
>
> François
> _______________________________________________
> tahoe-dev mailing list
> tahoe-dev at tahoe-lafs.org
> http://tahoe-lafs.org/cgi-bin/mailman/listinfo/tahoe-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://tahoe-lafs.org/pipermail/tahoe-dev/attachments/20110506/3a815509/attachment.html>


More information about the tahoe-dev mailing list