following-up to my own post: On Wed, May 9, 2012 at 6:34 AM, Zooko Wilcox-O'Hearn <zo...@zooko.com> wrote: > > 1. Decrypt the data, > 2. Verify the integrity of the data, > 3. Generate MAC tags for other data which would pass the integrity check. > > The fact that 3 is included in that bundle of authority means that I can't > use this notion of authenticated encryption to implement any of the current > Tahoe-LAFS filesystem semantics. We need to be able to grant authorities 1 > and 2 while withholding 3.
I forgot to mention that we also need to be able to grant someone the ability to do 2 without giving them the ability to do 1 or 3. This is so that you can hire someone to verify the integrity of your data, and repair damage to it, without giving them the ability to read or change the data. That requirement might be an interesting requirement to throw into the mix of symmetric-key-oriented "Option A" research. Regards, Zooko Wilcox-O'Hearn Founder, CEO, and Customer Support Representative, Least Authority Enterprises take advantage of cloud storage without losing control of your data: https://leastauthority.com _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography