[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] r1190 - GNUnet-docs/papers/ecrs
From: |
grothoff |
Subject: |
[GNUnet-SVN] r1190 - GNUnet-docs/papers/ecrs |
Date: |
Fri, 1 Jul 2005 10:55:32 -0700 (PDT) |
Author: grothoff
Date: 2005-07-01 10:55:27 -0700 (Fri, 01 Jul 2005)
New Revision: 1190
Modified:
GNUnet-docs/papers/ecrs/main.tex
Log:
more fixes from Krista
Modified: GNUnet-docs/papers/ecrs/main.tex
===================================================================
--- GNUnet-docs/papers/ecrs/main.tex 2005-07-01 17:21:15 UTC (rev 1189)
+++ GNUnet-docs/papers/ecrs/main.tex 2005-07-01 17:55:27 UTC (rev 1190)
@@ -750,8 +750,8 @@
Adding name\-spaces to the design requires a new type of block, called
an {\em SBlock}. An {\em SBlock} contains the key and query hash
-(CHK) of the top {\em IBlock} together with metadata about the
-content, thereby allowing users that receive an {\em SBlock} to
+(CHK) of the top {\em IBlock} together with the metadata belonging to
+the content, thereby allowing users that receive an {\em SBlock} to
download the file. However, this data is encrypted such that
intermediaries do not learn anything about the referenced file. The
encryption key is the hash of an identifier that the inserter chose
@@ -1027,7 +1027,7 @@
the memory requirements for the index by a factor of 16-64, depending
on the size of the hash. Since a node occasionally needs to remove
content from the local database, additional bit counters for the bloom
-filter should be stored on the disk. The assumption here is that
+filter should be stored on the disk. The assumption is that
changes to the filter are rare compared to the frequency of queries.
Queries that pass through the bloom filter are forwarded to the
database layer which then attempts to locate the content.
@@ -1051,24 +1051,24 @@
Splitting files into blocks might be perceived as having a negative
effect on the preservation of data. If only one of the blocks is
-lost, the larger file can no longer be reconstructed. Thus, many
-other systems~\cite{freehaven-berk,mojotech} strive to keep files
-intact or use erasure codes~\cite{rabin89efficient} to patch missing
-pieces. While erasure codes could be used together with ECRS, they
-would conflict with the performance benefits of on-demand encoding.
-Consequently, the primary mechanism to guard against the loss of files
-encoded with ECRS should be data replication. Since ECRS is splitting
-files into blocks it should be possible for the network to duplicate
-blocks at a negligible cost per block. Duplicating a complete file of
-several gigabytes would be much more costly and more likely to fail.
-For large files, it may be difficult for a peer to find individual
-hosts that are willing (or able) to provide enough space to replicate
-the complete file in its entirety. Also, the traffic burst that a
-large transfer would impose on the network might keep the
-participating nodes busy for too long. Blocks, on the other hand, can
-migrate quickly from host to host. Storing a large file on a single
-host also fails to facilitate distribution of load for downloading
-purposes.
+lost, the larger file can no longer be reconstructed. Many other
+systems~\cite{freehaven-berk,mojotech} attempt to address this problem
+by either attempting to keep files intact, or by using erasure
+codes~\cite{rabin89efficient} to patch missing pieces. While erasure
+codes could be used together with ECRS, they would conflict with the
+performance benefits of on-demand encoding. Consequently, the primary
+mechanism to guard against the loss of files encoded with ECRS should
+be data replication. Since ECRS splits files into blocks it should be
+possible for the network to duplicate blocks at a negligible cost per
+block. Duplicating a complete file of several gigabytes would be much
+more costly and more likely to fail. For large files, it may be
+difficult for a peer to find individual hosts that are willing (or
+able) to provide enough space to replicate the complete file in its
+entirety. Also, the traffic burst that a large transfer would impose
+on the network might keep the participating nodes busy for too long.
+Blocks, on the other hand, can migrate quickly from host to host.
+Storing a large file on a single host also fails to facilitate
+distribution of load for downloading purposes.
\subsection{Attacks}
@@ -1106,7 +1106,7 @@
While this would defeat the use of convergent encryption and increase
the storage and bandwidth requirements, this would make it infeasible
for the censor to effectively censor all of the variants. Since such
-a powerful active attacker is likely to be uncommon the {\em default}
+a powerful active attacker is likely to be uncommon, the {\em default}
in ECRS is to use convergent encryption.
Both attacks fail to enable intermediaries to exercise editorial
@@ -1172,7 +1172,7 @@
The triple-hash that was used instead of {\em KBlock}s in our earlier
work ~\cite{esed} allows for an attack by an active, participating
adversary. The following paragraphs first briefly present the original
-scheme, discuss the attack and then compare it with the {\em KBlock}
+scheme and discuss the attack, and then compare it with the {\em KBlock}
approach taken in this paper.
Let an {\em RBlock} be a new kind of block that also contains the
@@ -1227,21 +1227,21 @@
work better than the triple-hash against adversaries that
indiscriminately attempt to abuse network resources, but at the
expense of higher CPU utilization even in the absence of an attack.
-Thus using the triple-hash scheme may still be reasonable in networks
+Thus, using the triple-hash scheme may still be reasonable in networks
with limited CPU power or less stringent security requirements.
\section{Conclusion} \label{conclusion}
-This paper has described an encoding scheme which hides the shared
-data from intermediaries. The encoding uses convergent encryption,
-allows swarming and produces a ciphertext that is not significantly
-larger than the plaintext. Individual blocks of the ciphertext can be
+This paper has described an encoding scheme which hides shared data
+from intermediaries. The encoding uses convergent encryption, allows
+swarming and produces a ciphertext that is not significantly larger
+than the plaintext. Individual blocks of the ciphertext can be
generated from plaintext without reading unrelated parts of the
-original. While dictionary attacks on the keywords or known
-plaintext attacks on the content are still possible, they are harmless
-with respect to the goal of deniability for intermediaries. The basic
+original. While dictionary attacks on the keywords or known plaintext
+attacks on the content are still possible, they are harmless with
+respect to the goal of deniability for intermediaries. The basic
encoding scheme can be extended with directories and name\-spaces.
Name\-spaces allow for files and directories to be updated. Using
$k$-deterministic public-private keys for signing content it is
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] r1190 - GNUnet-docs/papers/ecrs,
grothoff <=