published secret - similiar to AP prot
Tom
tom at ricardo.de
Fri Feb 9 07:03:11 PST 2001
Bill Stewart wrote:
> One simple approach - have Bob use a CGI script for publishing the material,
> e.g. http://bob.com/cgi-bin/backups?alice-file-123
> that notifies Bob when the URL is accessed, and either returns
> the desired file or another URL that points to the real file.
> More complex - have Bob require a signature from Alice on the request.
that part is actually the least of my worries.
> You have to think about threat models. If Alice is under attack,
> do the attackers have Alice's mailbox that would contain the URL?
> Do they have Alice's private key? Do you care?
> Does Bob have a site like Cryptome where anybody can read everything?
> Does Bob have a samizdat site where only people who have the
> password for a file can access that file (and maybe the password
> is the hash of the file)?
the threat model is that alice's system has possibly been compromised or
shut down, but alice herself (and thus the private key or at least the
passphrase) is still secure. the story would continue with alice digging
out the mirrors and redirecting her web traffic there, so if alice goes
down, things are lost anyways.
> If Bob doesn't want legal problems because of Alice,
> it's safer if he doesn't tell Alice, or at least doesn't
> do anything different for Alice than he would for any other customer.
that's the problem. so how does alice know if bob doesn't tell?
> The simplest version works like this
> key = hash(file)
> filename = hash(key, salt) # One salt for entire site
> Store Encrypt(file, key) as "filename".
that's a good start. using a hash of the content as the filename is a
really important idea that will surely help me along here.
More information about the cypherpunks-legacy
mailing list