Changes between Version 15 and Version 16 of NewMutableEncodingDesign


Ignore:
Timestamp:
2010-01-13T00:47:27Z (12 years ago)
Author:
davidsarah
Comment:

write caps need to be at least K + T bits

Legend:

Unmodified
Added
Removed
Modified
  • NewMutableEncodingDesign

    v15 v16  
    132132(in Figure 3). The design is:
    133133
    134  * (1K) writecap = K-bit random string (perhaps derived from user-supplied
    135    material) (remember, K=kappa, probably 128bits)
     134 * (K + T) writecap = (K+T)-bit random string, perhaps derived from user-supplied
     135   material (remember, K=kappa, probably 128bits)
    136136 * (minimum 2K) readcap = minimum 2*K-bit semiprivate key
    137137 * (minimum 2K) verifycap = public key
    138  * storage-index = truncated verifycap
     138 * storage-index = (possibly truncated) verifycap
    139139
    140140On each publish, a random salt is generated and stored in the share. The data
     
    151151Like above, but create two levels of semiprivate keys instead of just one:
    152152
    153  * (1K) writecap = K-bit random string
     153 * (K + T) writecap = (K+T)-bit random string
    154154 * (minimum 2K) readcap = minimum 2*K-bit first semiprivate key
    155155 * (minimum 2K) traversalcap = minimum 2*K-bit second semiprivate key
    156156 * (minimum 2K) verifycap = public key
    157  * storage-index = truncated verifycap
     157 * storage-index = (possibly truncated) verifycap
    158158
    159159The dirnode encoding would use H(writecap) to protect the child writecaps,
     
    170170private key out of the share and into the writecap:
    171171
    172  * (K) writecap = K-bit random string = privkey
     172 * (K + T) writecap = (K+T)-bit random string = privkey
    173173 * (2K + T) readcap = H(writecap)[:K] + H(pubkey)[:K+T]
    174174 * (K + T) verifycap = H(pubkey)[:K+T]
    175  * storage-index = truncated verifycap
     175 * storage-index = verifycap
    176176
    177177In this case, the readcap/verifycap holder is obligated to fetch the pubkey
     
    188188requiring the client to fetch a copy:
    189189
    190  * (K) writecap = K-bit random string = privkey
     190 * (K + T) writecap = (K+T)-bit random string = privkey
    191191 * (minimum 3K) readcap = H(writecap)[:K] + pubkey
    192192 * (minimum 2K) verifycap = pubkey
     
    206206doesn't even change the way the existing caps are used:
    207207
    208  * (1K) writecap = K-bit random string = privkey
     208 * (K + T) writecap = (K+T)-bit random string = privkey
    209209 * (2K + T) readcap = H(writecap)[:K] + H(pubkey)[:K+T]
    210210 * (2K + T) traversalcap: H(readcap)[:K] + H(pubkey)[:K+T]
    211211 * (K + T) verifycap = H(pubkey)[:K+T]
    212  * storage-index = truncated verifycap
     212 * storage-index = verifycap
    213213
    214214== Shorter readcaps (insecure) ==