[Cryptography] Redundant Array of Cryptographic Services

Phillip Hallam-Baker phill at hallambaker.com
Tue Jan 21 20:10:52 EST 2020


On Tue, Jan 21, 2020 at 1:58 PM Ben Laurie <ben at links.org> wrote:

> On Sun, 19 Jan 2020 at 04:07, Phillip Hallam-Baker <phill at hallambaker.com>
> wrote:
>
>> One of the feature sets for the Mesh requires a set of cryptographic
>> agent functions. I have generalized these as follows:
>>
>> 1) Haber-Stornetta Hash Chain notary
>>
>> Yeah, gets request, signs it, chucks it in a blockchain, blockchain then
>> cross notarizes periodically with others. Job done.
>>
>
> Not quite so simple. You need some way to prevent spam/kiddyporn.
>

Good point. I have considered these at length though.

Kiddyporn is easy, just notarize the hash of the data rather than the data
itself. I have also constructed the DARE Sequence format in such a fashion
that it is possible to erase the body of the sequence entries without
disrupting the chain calculations.

It is easier still when encryption is used: a single asymmetric exchange
may be applied to encrypt multiple blocks by means of a nonced KDF. If the
nonce is sufficiently large (i.e. 128/256 bits) then erasure of the nonce
is sufficient to render the ciphertext unavailable.


Spam is a different matter. Basically these are Web Services that require
authenticated requests from authorized users. Every Mesh Message is subject
to access control.

DDoS is another issue entirely. That is not one of the problems I am
worrying about right now. The assumption being that if one agent is down,
you pick a different one. Or you wait.
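
The two erasure properties described in the message above, as an added example that is not part of the original post and is not the DARE Sequence format. It assumes a simple entry layout in which each link hashes only the body digest and the per-entry nonce is stored outside the chained data; the names, the HKDF info string and the keystream cipher (a stand-in for a real AEAD) are all hypothetical.

```python
import hashlib, hmac, os

ZERO = b"\x00" * 32

def sha(b):
    return hashlib.sha256(b).digest()

def entry_key(secret, nonce):
    # HKDF-SHA256 (RFC 5869), one output block: salt=nonce, info=b"entry".
    prk = hmac.new(nonce, secret, hashlib.sha256).digest()
    return hmac.new(prk, b"entry\x01", hashlib.sha256).digest()

def keystream_xor(key, data):
    # Stand-in cipher for the demo only; a real system would use an AEAD.
    out = bytearray()
    for off in range(0, len(data), 32):
        pad = hmac.new(key, off.to_bytes(8, "big"), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[off:off + 32], pad))
    return bytes(out)

def append(chain, secret, plaintext):
    nonce = os.urandom(32)                      # 256-bit per-entry nonce
    body = keystream_xor(entry_key(secret, nonce), plaintext)
    prev = chain[-1]["link"] if chain else ZERO
    digest = sha(body)                          # chain commits to the digest only
    chain.append({"nonce": nonce, "body": body, "digest": digest,
                  "link": sha(prev + digest)})

def verify(chain):
    prev = ZERO
    for e in chain:
        if e["body"] is not None and sha(e["body"]) != e["digest"]:
            return False                        # a surviving body was altered
        if sha(prev + e["digest"]) != e["link"]:
            return False                        # link to predecessor broken
        prev = e["link"]
    return True

def read(chain, secret, i):
    e = chain[i]
    if e["body"] is None or e["nonce"] is None:
        return None                             # erased: key or data is gone
    return keystream_xor(entry_key(secret, e["nonce"]), e["body"])

def demo():
    secret = os.urandom(32)   # constructed; stands in for the one asymmetric exchange
    chain = []
    for msg in (b"alpha", b"bravo", b"charlie"):
        append(chain, secret, msg)
    chain[0]["body"] = None   # erase the body, keep its digest
    chain[1]["nonce"] = None  # erase only the nonce, ciphertext stays
    return verify(chain), [read(chain, secret, i) for i in range(3)]
```

After both erasures the chain still verifies, while entries 0 and 1 can no longer be read even by a holder of the shared secret.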