I would say something that can take the scheme further if needed. We can add a huge amount of entropy with various methods. So a roadmap of these is always good to keep at hand.
The difference with the Storj model and SAFE is pretty vast, we don’t and should not know who stores what or who asks for it. So like all security elements I think it cannot be compared like that with any honesty really. A secure algorithm is insecure if used incorrectly. This is why NaCl exists as well as other crypt libs like the excellent cryptopp in c++. It’s how they are used and in what context that matters as well as being implemented correctly at the algorithm level. So half story is select the algo and the other half is where and how will you use it. Then the comparisons are valid. Well I feel anyway.
Thanks David for taking the time. I have no idea how to interpret that response but will assume it exceeds the expectations of those looking for answers. Your efforts are not wasted on me though as these posts will surely make it to other venues.
What do you mean by storing it privately? Not storing it on the SAFE network? Or using another encryption key to encrypt them before uploading onto the SAFE network?
What do you mean by “public data”? Does the SAFE network support unencrypted files?
I was thinking about use cases which would need encrypted and distributed version of DropBox.
If was to fix Tonda’s issue, rather than a fix to SAFE. A fix to the problem presented.
The size of he network would make the attack very difficult. Even just becoming the relay node for who you want to investigate would be extremely difficult
It seems we’ve been talking about the same thing just in slightly different ways. What I didn’t know is that It had already been solved. Hence the previous proposals and confusion. I think this vector should noted in the Wiki with acknowledgment of the current limitations and potential future solutions. If implementation of this protection is to be delayed beyond version 1.0 (after full safecoin deployment), a user should be given the knowledge needed in concise fashion to make an informed decision regardless of the high level improbability afforded by the 1.0 iteration. Salting/random padding each chunk IMO grants the highest level of snooping improbability I can think of. This considering the average processing power per household. How many more cycles would this even consume? It might not be very significant. Only the slowest machines (Pentium two, K6-2, etc) dedicated with a bare bones OS might struggle to run a single vault) based on expected speeds of a cleanly written combo of vault+launcher+client in such a high performance language. I admit the crypto is a pain the ass.
You’re probably going to have to provide more detail or maybe I overlooked something important. I will say that there is no plain text on the network aside from anonymized packet headers.
So what!? I’ll rehash topics a million times to clarify my understanding if possible. Each of us has our own writing styles that can skew the interpreters understanding. You have been guilty of many misunderstandings and perpetuation of misinformation. If you’re writing specifically about the OP, then get over it. Such is the behavior of many new members. This is an international forum. Clarification will always be sought until we can establish that formal language I wrote of months ago.
Files that are stored on the network in encrypted (with the users credentials in addition to convergent encryption) form without the datamap (file hashes and XOR address IIRC) being shared. Public data on the other hand is only self encrypted with the datamap available to all users of the network. Without the datamap of a files, there is no way to know where to look for it. Nothing to sample that would lead you closer. The additional encryption with the users credentials makes it impossible to ID private files. Knowing the exact size of the target files is also useless due to padding and datamap coupling (for tiny files).
Right, but let’s take it to the max. If applying some random padding/salt has an a near insignificant impact on performance and overhead then we should at least make this optional. I hate the idea of even one more killed/silenced because of corners cut of technological limits. SAFE can step in to shield us from such tyranny. David doesn’t seem one to make compromises unless critical. I can only hope my assessment is correct.
Now time for some scotch. Just imagine all the beauty 5MB’s can allow on SAFE. Now I can upload my “welcome party” website without having to string it together via multiple separate services! Yay! Me very happies.
