~pukkamustard/eris

Security Considerations

Message ID: <86tueffx8g.fsf@posteo.net>
Hi,

I just pushed an update to the spec that adds a section on Security
Considerations:

https://inqlab.net/git/eris.git/diff/spec/eris.adoc?id=1ec26b8c09b53147e1673ad37b6eaf24c0b8bbf8

See the rendered version here: http://purl.org/eris

This is something very important we have been missing, and inspired by
insight from recent discussions, I've drafted an initial version of the
section.

The formulation of objectives has also changed and is now:

- Availability
- Data integrity
- Intermediary Peer Deniability
- Censorship Resistance
- Deterministic Identifiers
- URN reference
- Storage efficiency
- Simplicity

Most notably, "Confidentiality" is dropped in favor of "Intermediary Peer
Deniability". I think this is really much closer to what we had in
mind. Calling it "Confidentiality" was confusing, if not misleading.

What is missing is a bit of an elaboration on the known attacks on
convergent encryption and why Intermediary Peer Deniability is not
Confidentiality.

Also I wonder if always using a random convergence secret implies
confidentiality?

Amendments, suggestions and thoughts?

- pukkamustard