[117901] in Cypherpunks
Re: request for information/virtual private network as parallel architecture
daemon@ATHENA.MIT.EDU (Michael J . Fromberger)
Tue Sep 14 15:19:08 1999
Date: Tue, 14 Sep 1999 14:43:35 -0400
From: "Michael J . Fromberger" <Fromberger@Clothing.Dartmouth.EDU>
To: cypherpunks@toad.com
Message-ID: <19990914144335.R34703@linguist.dartmouth.edu>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
In-Reply-To: <3.0.6.32.19990914172719.007d5e30@mail.elender.hu>; from holist on Tue, Sep 14, 1999 at 05:27:19PM +0200
Reply-To: "Michael J . Fromberger" <Fromberger@Clothing.Dartmouth.EDU>
quoth holist:
> At 10:07 1999. 09. 14. -0400, Michael J. Fromberger wrote:
> >It seems like you're basically describing a software RAID, where the
> >data are mirrored, but instead of mirroring literal copies, you mirror
> >shares of the data constructed using some secret-sharing scheme.
> >Would some variation of Shamir's linear-algebraic scheme work for this
> >purpose?
>
> >Of course, you'd have the problem that if one of your nodes bit the
> >dust, you'd be screwed, but then that's the point of encryption.
>
> No, that's not the point - it would have to have graceful
> degradation as well - so that I could loose a fair-few of the nodes
> before the system breaks down.
Secret-sharing schemes can fairly easily be constructed so that ANY
subset of size k is sufficient to reconstruct the original data, but
that any subset of size < k cannot. So presumably if you have n
servers, and used a scheme of this kind, you could choose k as some
value sufficiently less than n to give you a reasonable buffer against
theft or hardware failure.
Obviously, you don't want to choose k _too_ small, or it will be too
easy to compromise the system. Still, the point is that you're not
limited to requiring all n servers to work perfectly. I still think a
software RAID is probably a reasonable way to approach the problem,
from a development perspective. Obviously, there may be additional
constraints which might render this unworkable.
Shamir's secret-sharing scheme is presented pretty nicely by Doug
Stinson in _Cryptography in Theory and Practise_ (CRC Press), if
you're interested in examining the mathematics of it.
Cheers,
-M
--
Michael J. Fromberger Software Engineer, Thayer School of Engineering
sting <at> linguist.dartmouth.edu http://www.dartmouth.edu/~sting/
7Y+Am9Ot9EbLLcCgT/BdGdprlj9L6Cy4v1n+KCbbPoU9ucMcLa6wfvoN4NWRMAZdOvBPTJzj
Remove clothing if you wish to reply to this message via e-mail.
