[dundee] BBC NEWS | Technology | This website will self-destruct...

Rick Moynihan rick.moynihan at gmail.com
Tue Aug 18 09:30:39 UTC 2009 

>> it's an awesome concept, but for one flaw in my opinion.
>>
>> "Instead, we leverage an unusual storage media in a novel way: namely,
>> global-scale peer-to-peer networks. Vanish creates a secret key to encrypt
>> a user's data item (such as an email), breaks the key into many pieces and
>> then sprinkles the pieces across the P2P network. As machines constantly
>> join and leave the P2P network, the pieces of the key gradually disappear.
>> By the time the hacker or someone with a subpoena actually tries to obtain
>> access to the message, the pieces of the key will have permanently
>> disappeared.
>>
>> This seems a very unreliable method of timing the key destruction. Also
>> what happens if you can only obtain 50% of the key?
>
2009/8/14 Robert Ladyman <it at file-away.co.uk>:
>
> Yes, it would be better to be able to set an expiry date, or decay rate, or
> somesuch
>

You're right that it's not perfect, but it's hard to see how you can
do something like this and allow flexibility in decay rate or expiry.
Whilst it's easy to implement software that will promise to delete a
key or key-part at some point in time, it's impossible on a
distributed network to trust that you're talking to nodes who are
trustworthy, and will fulfill their promise.

Hence the reason it's an elegant hack is because it avoids the bind by
building ontop of a widely deployed system that was built for another
purpose entirely.  You can 'trust' that the vast majority of the nodes
are going to fulfill the protocol correctly, because they're using it
to share files.

I think the paper said that the 8 hour destruct ensured a high
probability i.e. very close to 100% (they specified the actual number,
but I can't remember it) that the key would be present for 8 hours,
whilst there was a high probability that the key was destroyed after 9
hours.  I'm guessing that you can improve the probability that the key
is present for the 8 hours by distributing it more widely to more
nodes.

Obviously if you can obtain only 50% of the key, you have a problem
decoding the message.

R.

More information about the dundee mailing list