[tahoe-dev] Choice of tree-hash
David-Sarah Hopwood
david-sarah at jacaranda.org
Mon Sep 24 19:35:14 UTC 2012
On 23/09/12 20:11, Tony Arcieri wrote:
> On Fri, Sep 21, 2012 at 5:02 AM, CodesInChaos <codesinchaos at gmail.com
> <mailto:codesinchaos at gmail.com>> wrote:
>
> This hash doesn't only detect bugs. It identifies the file. So you can
> easily see that a file stored on tahoe is the same one as a file
> stored on cryptosphere. (Obviously assuming knownledge of read caps)
>
> Why not use a hash (tree) of the ciphertext for this purpose? I suppose encrypting the
> hash of the plaintext accomplishes the same thing...
In addition to CodesInChaos' reply:
Integrity checking using a hash of the ciphertext relies on the decryption being
correct. Checking using an encrypted hash of the plaintext does not: the check will
fail if there is an error in either the decryption of the encrypted-hash, or the
decryption of the ciphertext.
If the plaintext hash were standardized, it could potentially also be sent as an
HTTP header and checked by the web browser, giving better end-to-end integrity.
--
David-Sarah Hopwood ⚥
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 554 bytes
Desc: OpenPGP digital signature
URL: <http://tahoe-lafs.org/pipermail/tahoe-dev/attachments/20120924/f0c91684/attachment.pgp>
More information about the tahoe-dev
mailing list