From 284d7c99da4a286eb3a2635c53f981614c8d7e72 Mon Sep 17 00:00:00 2001 From: daira <> Date: Mon, 29 Jul 2013 10:28:31 +0000 Subject: [PATCH] describe the difference between erasure coding and secret sharing [Imported from Trac: page FAQ, version 97] --- FAQ.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/FAQ.md b/FAQ.md index 7cff00f..e53046d 100644 --- a/FAQ.md +++ b/FAQ.md @@ -20,7 +20,11 @@ This uses an amount of space on each server equal to the total size of your data The default Tahoe-LAFS parameters are `3-of-10`, so the data is spread over 10 different drives, and you can lose any 7 of them and still recover the entire data. This gives much better reliability than comparable RAID setups, at a cost of only 3.3 times the storage space that a single copy takes. It takes about 3.3 times the storage space, because it uses space on each server equal to 1/3 of the size of the data, and there are 10 servers. -Erasure coding is also known as "forward error correction". +"Forward error correction" is another term for erasure coding. + +Erasure coding should not be confused with "secret sharing", which has the additional security property that fewer than `K` servers cannot recover any information about the data. Tahoe-LAFS' erasure coding does not have this property, and does not need to have it because we rely on secret-key encryption (using a key in the read cap) for confidentiality. + +"Information Dispersal Code" (IDA) can refer either to an erasure code or a secret sharing algorithm depending on context, so we prefer not to use that term. **Q3: Is there a way to disable the encryption for content which isn't secret? Won't that save a lot of CPU cycles?**