Confidence - (25-26.05 2010 Krakow)
Language: polski | engish

Zooko Wilcox O’Hearn

Zooko Wilcox O’Hearn is a peer-to-peer hacker and cypherpunk known for his work on DigiCash, Mojo Nation, Mnet, and AllMyData. He is the designer of multiple network protocols that incorporate such concepts as self-contained economies and secure reputation systems. He is the co-designer, along with Phil Zimmermann, of ZRTP. Zooko is credited as the originator of Zooko’s triangle, a schema that relates three desirable properties of identifiers.

Topic of Presentation: Tahoe-LAFS

Language: English

Abstract:Tahoe-LAFS secure decentralized storage system

“100 Year Cryptography” is a project to implement cryptographic techniques for maximum shelf-life and maximum predictibility of shelf-life. Of course, on the face of it, it is kind of ridiculous to think that we can deploy cryptography that will last one hundred years. Just think what sort of cryptography they were deploying one hundred years ago! Okay, but then what about 20 years? If you have information that you want to keep confidential for the next 20 years, does this mean your only way to be safe is to keep the information on a storage medium under your physical control? One interesting thing that we’ve learned is that while it is very hard to guarantee confidentiality for 100 years, it is relatively easy to guarantee integrity and authorization for 100 years, because if we learn that the cryptographic algorithms used to ensure integrity and authorization are actually crackable, for example if the secure hash function turns out to be vulnerable to second-preimages, you will probably have time to switch over to a new hash function before anyone can exploit the old one. On the other hand, even if you switch over to a new cipher when you learn that your old cipher was weak, you can’t make sure that all the copies of your old ciphertext was destroyed, so you remain vulnerable to someone violating your confidentiality by cracking your old cipher.

Our proposed solution is to use “combiners” — XOR the outputs of two ciphers together such as XSalsa20 and AES-128 and the result is at least as strong as either cipher. A similar technique can be used for combining two hash functions, although it is not as straightforward and is a new field of cryptography research. Finally a very simple technique can be used for combining two digital signature algorithms, although nobody to my knowledge has previously done so.