On Tuesday 12 August 2008 18:14, Michael Rogers wrote:
> On Aug 11 2008, Matthew Toseland wrote:
> >> The full key can still be calculated from the data though, right? So not
> >> storing the key would only slow enumeration down.
> >
> >No. You can only decrypt the data if you have the key.
> 
> I don't think we're talking about decrypting the data, just getting a list 
> of the keys in the store. You can get the key of any encrypted block by 
> hashing it, so I'm not sure we gain any security by not storing the key - 
> anyone who seizes the store can enumerate the keys it contains, that's 
> unavoidable as far as I can see, unless the legitimate user has some extra 
> information that a person seizing the store wouldn't have, such as a 
> passphrase. And that would create difficulties when automatically 
> restarting the node.

No. You can only decrypt the data if you have the key. :)

Seriously, we encrypt the blocks in the salted hash datastore with a key 
derived from the key of the block. And we index them by a different hash of 
the same key. This increases the cost of an offline attack on the store 
considerably.
> 
> Cheers,
> Michael
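
The scheme described in the reply above, as an added sketch that is not part of the original thread and is not Freenet's code: each block is stored encrypted under a key derived from its own key, and filed under a different hash of that key. Assumptions: SHA-256 as the block-key hash, HMAC with a per-store salt for the two derivations, a SHAKE-256 XOR keystream standing in for the real cipher, and all function and class names are hypothetical.

```python
import hashlib
import hmac
import os

def routing_key(block: bytes) -> bytes:
    # Premise from the thread: a block's key is a hash of the block itself.
    # SHA-256 is an assumption here.
    return hashlib.sha256(block).digest()

def derive(salt: bytes, key: bytes, label: bytes) -> bytes:
    # Two unrelated values from one key, separated by label (assumed: HMAC).
    return hmac.new(salt, label + key, hashlib.sha256).digest()

def xor_stream(k: bytes, data: bytes) -> bytes:
    # Stand-in cipher for the sketch: XOR with a SHAKE-256 keystream.
    stream = hashlib.shake_256(k).digest(len(data))
    return bytes(a ^ b for a, b in zip(data, stream))

class SaltedStore:
    def __init__(self, salt: bytes = b""):
        self.salt = salt or os.urandom(32)  # per-store salt (assumed)
        self.slots = {}  # index hash -> ciphertext; the key is never written

    def put(self, block: bytes) -> bytes:
        key = routing_key(block)
        index = derive(self.salt, key, b"index")
        self.slots[index] = xor_stream(derive(self.salt, key, b"encrypt"), block)
        return key

    def get(self, key: bytes):
        ct = self.slots.get(derive(self.salt, key, b"index"))
        if ct is None:
            return None
        block = xor_stream(derive(self.salt, key, b"encrypt"), ct)
        # Reject a slot whose contents do not hash back to the requested key.
        return block if routing_key(block) == key else None

def hashes_of_stored_bytes(store: SaltedStore) -> set:
    # What hashing each stored record yields; compare against the real keys.
    return {hashlib.sha256(ct).digest() for ct in store.slots.values()}

def demo():
    store = SaltedStore()
    blocks = [b"constructed block one", b"constructed block two"]  # sample data
    keys = {store.put(b) for b in blocks}
    return store, blocks, keys
```

In this sketch, a holder of the store and its salt can still call `get` to test whether one particular known key is present; what is no longer possible is reading the list of keys off the stored records by hashing them.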