On Aug 11 2008, Matthew Toseland wrote:
>> The full key can still be calculated from the data though, right? So not
>> storing the key would only slow enumeration down.
>
> No. You can only decrypt the data if you have the key.

I don't think we're talking about decrypting the data, just getting a list of the keys in the store. You can get the key of any encrypted block by hashing it, so I'm not sure we gain any security by not storing the key - anyone who seizes the store can enumerate the keys it contains, that's unavoidable as far as I can see, unless the legitimate user has some extra information that a person seizing the store wouldn't have, such as a passphrase. And that would create difficulties when automatically restarting the node.

Cheers,
Michael
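
The point made in the message above, as an added example that is not part of the original post or of the project's code: a store that omits keys is still enumerable by hashing its blocks, while a store wrapped under a passphrase-derived secret is not. SHA-256 as the key hash, the wrapping scheme, and all function names are assumptions made for illustration.

```python
import hashlib
import os

def routing_key(block: bytes) -> str:
    # Assumption: a block's key is the SHA-256 digest of the encrypted block.
    return hashlib.sha256(block).hexdigest()

def enumerate_keys(stored):
    """Keys computable from the store files alone, with no secret."""
    return {routing_key(b) for b in stored}

def derive_secret(passphrase: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 100_000)

def _keystream(secret: bytes, nonce: bytes, n: int) -> bytes:
    # Stand-in cipher (SHA-256 in counter mode) so the example needs only the
    # standard library; a real store would use an authenticated cipher.
    out, ctr = b"", 0
    while len(out) < n:
        out += hashlib.sha256(secret + nonce + ctr.to_bytes(8, "big")).digest()
        ctr += 1
    return out[:n]

def wrap(block: bytes, secret: bytes) -> bytes:
    nonce = os.urandom(16)
    ks = _keystream(secret, nonce, len(block))
    return nonce + bytes(a ^ b for a, b in zip(block, ks))

def unwrap(stored: bytes, secret: bytes) -> bytes:
    nonce, body = stored[:16], stored[16:]
    ks = _keystream(secret, nonce, len(body))
    return bytes(a ^ b for a, b in zip(body, ks))

def demo():
    blocks = [os.urandom(64) for _ in range(3)]   # constructed sample blocks
    real_keys = {routing_key(b) for b in blocks}
    keyless_store = list(blocks)                  # blocks kept, keys not stored
    secret = derive_secret("constructed passphrase", os.urandom(16))
    wrapped_store = [wrap(b, secret) for b in blocks]
    return {
        "keyless_store_enumerable": enumerate_keys(keyless_store) == real_keys,
        "wrapped_store_leaked_keys": enumerate_keys(wrapped_store) & real_keys,
        "owner_recovers_keys":
            enumerate_keys(unwrap(w, secret) for w in wrapped_store) == real_keys,
    }

if __name__ == "__main__":
    print(demo())
```

The secret has to be supplied every time the store is opened, which is the automatic-restart difficulty the message mentions.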
