[Cryptography] OFFSystem
Yui Hirasawa
yui at cock.li
Mon Feb 29 08:40:22 EST 2016
>>> So let me understand: exactly *where* is my data?
>>>
>>> If I have a file full of random numbers in country #1 and another file
>>> full of random numbers in country #2 and another file full of random
>>> numbers in country #3 and so on, so I guess my "data" is in *all* of the
>>> countries.
>>>
>>> But only I know the function that will transform the data stored in all of
>>> these countries into a form that might actually be useful, so my "data" is
>>> also in *none* of the countries.
>> Congratulations. You've rediscovered the argument every kiddie comes up
>> with to protect themselves from copyright lawsuits: I don't actually have
>> your protect music on my server. I have a bunch of random numbers. So does
>> my friend across the street. It happens that if you XOR the two together
>> you get the music, but neither of us actually has your music....
>>
>> It's nonsense. You're acting as if judges were idiots. They're not.
>>
>> If you encrypt your stuff locally before putting it in the cloud, and hold
>> the key yourself, you're protected against anything the cloud provider can
>> do. They can only deliver what they have (encrypted text that neither they
>> nor the government can read), not what they don't have (the corresponding
>> plaintext.) This is much safer than any hacks for spreading the stuff
>> around.
>>
>> Add integrity checks if you're concerned about modification attacks. Use
>> replicas and error correction to deal with failures of individual replicas.
>>
>> The rest is just noise.
>> -- Jerry
>
> https://en.wikipedia.org/wiki/OFFSystem
> http://offsystem.sourceforge.net/
There is also Tahoe-LAFS which is in active development. OFFsystem seems
to be more or less dead.
https://tahoe-lafs.org/trac/tahoe-lafs
https://en.wikipedia.org/wiki/Tahoe-LAFS
More information about the cryptography
mailing list