For what it is worth, in the Tahoe-LAFS project [1] we simply use CTR
mode and a unique key for each file. Details: [2]

Tahoe-LAFS itself doesn't do any deltas, compression, etc., but there
are two projects layered atop Tahoe to add such features -- a plugin
for duplicity [3] and a new project named GridBackup [4].

Those upper layers can treat Tahoe-LAFS as a secure store of
whole files and therefore don't have to think about details like
cipher modes of operation, nor do they even have to think very hard
about key management, thanks to Tahoe-LAFS's convenient
capability-based access control scheme.

Regards,
Zooko

[1] http://allmydata.org
[2] http://allmydata.org/trac/tahoe/browser/docs/architecture.txt
[3] http://duplicity.nongnu.org
[4] http://podcast.utos.org/index.php?id=52
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com
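
Why a unique key per file matters when CTR mode is used, as an added example (not part of the original message and not Tahoe-LAFS code). Assumptions: HMAC-SHA256 stands in for AES as the counter-mode block function so the sketch runs on the Python standard library alone, all function names are hypothetical, and the random per-file key from os.urandom is illustrative rather than Tahoe-LAFS's own key derivation.

```python
import hashlib
import hmac
import os


def keystream(key: bytes, length: int) -> bytes:
    """CTR keystream: PRF(key, counter) for counter = 0, 1, 2, ...
    Assumption: HMAC-SHA256 replaces the AES block cipher here."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        block_input = counter.to_bytes(16, "big")
        out += hmac.new(key, block_input, hashlib.sha256).digest()
        counter += 1
    return bytes(out[:length])


def xor(a: bytes, b: bytes) -> bytes:
    return bytes(x ^ y for x, y in zip(a, b))


def ctr_crypt(key: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt (the same operation in CTR mode).
    The counter always starts at 0, so safety rests on the key being unique."""
    return xor(data, keystream(key, len(data)))


def encrypt_file(plaintext: bytes):
    """Per-file scheme: a fresh random key for every file."""
    key = os.urandom(32)
    return key, ctr_crypt(key, plaintext)


def xor_of_ciphertexts_with_shared_key(p1: bytes, p2: bytes) -> bytes:
    """Misuse case: one key for two files. The keystream cancels out,
    so c1 XOR c2 equals p1 XOR p2 and reveals where the files agree."""
    key = os.urandom(32)
    return xor(ctr_crypt(key, p1), ctr_crypt(key, p2))


# Constructed sample plaintexts (32 bytes each, identical for the first 26).
FILE_A = b"quarterly report: revenue up 12%"
FILE_B = b"quarterly report: revenue down 3"

if __name__ == "__main__":
    print("shared key :", xor_of_ciphertexts_with_shared_key(FILE_A, FILE_B).hex())
    (_, c1), (_, c2) = encrypt_file(FILE_A), encrypt_file(FILE_B)
    print("unique keys:", xor(c1, c2).hex())
```

With a shared key the first 26 bytes of the XOR are zero, exposing the common prefix; with unique keys the XOR of the two ciphertexts shows no such structure.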