[Imported from Trac: page NewCapDesign, version 11]
parent
d1702aa351
commit
bc3c7bd5da
|
@ -87,13 +87,13 @@ established sense). To make them real, we need to:
|
|||
|
||||
## make them long enough to be secure
|
||||
|
||||
We want filecaps to be as possible, but no shorter. There are
|
||||
We want filecaps to be as short as possible, but no shorter. There are
|
||||
several lower bounds on the length:
|
||||
|
||||
* confidentiality: A large computing effort should not be able
|
||||
to obtain the plaintext of a tahoe file without knowing the
|
||||
readcap. We require reasonable margin against improvements in
|
||||
hardware speed and organization efficiency/motivation of
|
||||
hardware speed and organizational efficiency/motivation of
|
||||
distributed efforts (e.g. could a million PS3 owners break a
|
||||
filecap?). This currently implies a 128 bit confidentiality
|
||||
field.
|
||||
|
|
Loading…
Reference in a new issue