[144704] in cryptography@c2.net mail archive
Re: cleversafe says: 3 Reasons Why Encryption is Overrated
daemon@ATHENA.MIT.EDU (Zooko Wilcox-O'Hearn)
Sun Aug 9 10:16:01 2009
In-Reply-To: <4A7A99C7.4010500@links.org>
Cc: Cryptography List <cryptography@metzdowd.com>
From: Zooko Wilcox-O'Hearn <zooko@zooko.com>
Date: Sat, 8 Aug 2009 22:49:36 -0600
To: Ben Laurie <ben@links.org>
[dropping tahoe-dev from Cc:]
On Thursday,2009-08-06, at 2:52 , Ben Laurie wrote:
> Zooko Wilcox-O'Hearn wrote:
>> I don't think there is any basis to the claims that Cleversafe
>> makes that their erasure-coding ("Information Dispersal")-based
>> system is fundamentally safer
...
> Surely this is fundamental to threshold secret sharing - until you
> reach the threshold, you have not reduced the cost of an attack?
I'm sorry, I don't understand your sentence. Cleversafe isn't using
threshold secret sharing -- it is using All-Or-Nothing-Transform
(built out of AES-256) followed by Reed-Solomon erasure-coding. The
resulting combination is a computationally-secure (not information-
theoretically-secure) secret-sharing scheme. The Cleversafe
documentation doesn't use these terms and is not precise about this,
but it seems to claim that their scheme has security that is somehow
better than the mere computational security that encryption typically
offers.
Oh wait, now I understand your sentence. "You" in your sentence is
the attacker. Yes, an information-theoretically-secure secret-
sharing scheme does have that property. Cleversafe's scheme hasn't.
Regards,
Zooko
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
