Cryptography Reference
In-Depth Information
Publius is named after the pseudonym chosen by Alexander Hamilton, James Madison, and John Jay. [Pub88] They chose the pseudonym from the name of Publius Valerius Publicola, a prominent Roman consul known for helping establish a republic.

A server, $S_i$, holds a document, $F$, under a name, $N_{i,j}$, by storing the following:
1. A share of a symmetric cipher key, $\mathit{key}_i$. This is constructed by using a secret sharing algorithm to split the key, call it $\mathit{key}$, into $n$ parts so that any $m$ are sufficient to recover it.
2. The result of encrypting $F$ with some strong symmetric cipher, $\mathit{ENC}(F, \mathit{key})$. (The published paper stores the same encrypted version on all servers, but it might make sense to add another layer of encryption so that the encrypted version is different on all servers.)
3. A name by which the part will be known. In this case, $\mathit{name}_i = h(F, k_i)$. The original paper shortens the result of $h$ by splitting the result of the hash function in half and XORing the two parts together.
4. A password that will give the creator the ability to delete and update the block of data stored here. In this case, the password itself is not stored, but the hash of the password concatenated with the server's name: $h(S_i, \mathit{password})$.
Storing the file involves encrypting it at least once with a random key and splitting the key up between the servers. Recovering it involves retrieving at least $m$ shares of the key and the copies of the encrypted file before decrypting them.
In the original version, the $n$ servers are chosen from the names themselves: $\mathit{name}_i \bmod \mathit{servers}$, where $\mathit{servers}$ is a static number of servers in the system. If by some coincidence, the various values of $\mathit{name}_i$ only choose a small subsection of the set of servers, a different key is chosen until the parts will be distributed successfully.
This process makes it possible to create short URLs produced by concatenating the values of $\mathit{name}_i$ into one manageable block of text. Here's one of the original URLs from the paper:

http://!anon!/AH2LyMOBWJrDw=GTEaS2GlNNE=NIBsZlvUQP4=sVfdKF7o/kl=EfUTWGQU7LX=OCk7tkhWTUe=GzWiJyio75b=QUiNhQWyUW2=fZAX/MJnq67=y4enf3cLK/0=
The values of $\mathit{name}_i$ are BASE64 encoded and separated by equals signs. Any user recovering a document would choose a subset of $m$ names and compute $\mathit{name}_i \bmod \mathit{servers}$ to identify where the parts might be stored before requesting them.
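
The naming and placement steps described above, as an added example that is not code from the book or from the Publius paper: it splits a key with Shamir's scheme, derives name_i = h(F, k_i) with the XOR fold, retries with a new key until the n parts map to n different servers, and performs the reader-side lookup. SHA-256 as h, the field prime P, the byte encoding of a share, reading "distributed successfully" as n distinct servers, and all function names are assumptions; the encryption of F is left out.

```python
import base64, hashlib, secrets

P = 2**127 - 1   # prime modulus for the sharing field (assumption; key must be < P)

def split_key(key, n, m):
    """Shamir split: evaluate a random degree m-1 polynomial with constant term key."""
    coeffs = [key] + [secrets.randbelow(P) for _ in range(m - 1)]
    return [(x, sum(c * pow(x, j, P) for j, c in enumerate(coeffs)) % P)
            for x in range(1, n + 1)]

def recover_key(shares):
    """Lagrange interpolation at x = 0 over any m shares."""
    total = 0
    for xi, yi in shares:
        num = den = 1
        for xj, _ in shares:
            if xj != xi:
                num, den = num * -xj % P, den * (xi - xj) % P
        total = (total + yi * num * pow(den, -1, P)) % P
    return total

def part_name(doc, share):
    """name_i = h(F, k_i), shortened by XORing the two halves of the digest."""
    x, y = share
    d = hashlib.sha256(doc + x.to_bytes(2, "big") + y.to_bytes(16, "big")).digest()
    return bytes(a ^ b for a, b in zip(d[:16], d[16:]))

def server_for(name, servers):
    """name_i mod servers."""
    return int.from_bytes(name, "big") % servers

def publish(doc, n, m, servers):
    """Pick keys until the n parts land on n different servers, then build the URL tail."""
    if not 1 <= m <= n <= servers:
        raise ValueError("need 1 <= m <= n <= servers")
    while True:
        key = secrets.randbelow(P)
        shares = split_key(key, n, m)
        names = [part_name(doc, s) for s in shares]
        if len({server_for(nm, servers) for nm in names}) == n:
            tail = "".join(base64.b64encode(nm).decode() for nm in names)
            return key, shares, tail

def locate(tail, servers, width=24):
    """Reader side: split the URL tail into names and map each to a server index."""
    names = [base64.b64decode(tail[i:i + width]) for i in range(0, len(tail), width)]
    return [server_for(nm, servers) for nm in names]
```

With a 32-byte digest the folded names are 16 bytes, so each BASE64 group here is 24 characters rather than the shorter groups in the URL quoted above.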