[GNUnet-SVN] r1190 - GNUnet-docs/papers/ecrs

[grothoff]

Author: grothoff
Date: 2005-07-01 10:55:27 -0700 (Fri, 01 Jul 2005)
New Revision: 1190

Modified:
   GNUnet-docs/papers/ecrs/main.tex
Log:
more fixes from Krista

Modified: GNUnet-docs/papers/ecrs/main.tex
===================================================================
--- GNUnet-docs/papers/ecrs/main.tex    2005-07-01 17:21:15 UTC (rev 1189)
+++ GNUnet-docs/papers/ecrs/main.tex    2005-07-01 17:55:27 UTC (rev 1190)
@@ -750,8 +750,8 @@
 
 Adding name\-spaces to the design requires a new type of block, called
 an {\em SBlock}.  An {\em SBlock} contains the key and query hash
-(CHK) of the top {\em IBlock} together with metadata about the
-content, thereby allowing users that receive an {\em SBlock} to
+(CHK) of the top {\em IBlock} together with the metadata belonging to
+the content, thereby allowing users that receive an {\em SBlock} to
 download the file.  However, this data is encrypted such that
 intermediaries do not learn anything about the referenced file.  The
 encryption key is the hash of an identifier that the inserter chose
@@ -1027,7 +1027,7 @@
 the memory requirements for the index by a factor of 16-64, depending
 on the size of the hash.  Since a node occasionally needs to remove
 content from the local database, additional bit counters for the bloom
-filter should be stored on the disk.  The assumption here is that
+filter should be stored on the disk.  The assumption is that
 changes to the filter are rare compared to the frequency of queries.
 Queries that pass through the bloom filter are forwarded to the
 database layer which then attempts to locate the content.
@@ -1051,24 +1051,24 @@
 
 Splitting files into blocks might be perceived as having a negative
 effect on the preservation of data.  If only one of the blocks is
-lost, the larger file can no longer be reconstructed.  Thus, many
-other systems~\cite{freehaven-berk,mojotech} strive to keep files
-intact or use erasure codes~\cite{rabin89efficient} to patch missing
-pieces.  While erasure codes could be used together with ECRS, they
-would conflict with the performance benefits of on-demand encoding.
-Consequently, the primary mechanism to guard against the loss of files
-encoded with ECRS should be data replication.  Since ECRS is splitting
-files into blocks it should be possible for the network to duplicate
-blocks at a negligible cost per block.  Duplicating a complete file of
-several gigabytes would be much more costly and more likely to fail.
-For large files, it may be difficult for a peer to find individual
-hosts that are willing (or able) to provide enough space to replicate
-the complete file in its entirety.  Also, the traffic burst that a
-large transfer would impose on the network might keep the
-participating nodes busy for too long.  Blocks, on the other hand, can
-migrate quickly from host to host.  Storing a large file on a single
-host also fails to facilitate distribution of load for downloading
-purposes.
+lost, the larger file can no longer be reconstructed.  Many other
+systems~\cite{freehaven-berk,mojotech} attempt to address this problem
+by either attempting to keep files intact, or by using erasure
+codes~\cite{rabin89efficient} to patch missing pieces.  While erasure
+codes could be used together with ECRS, they would conflict with the
+performance benefits of on-demand encoding.  Consequently, the primary
+mechanism to guard against the loss of files encoded with ECRS should
+be data replication.  Since ECRS splits files into blocks it should be
+possible for the network to duplicate blocks at a negligible cost per
+block.  Duplicating a complete file of several gigabytes would be much
+more costly and more likely to fail.  For large files, it may be
+difficult for a peer to find individual hosts that are willing (or
+able) to provide enough space to replicate the complete file in its
+entirety.  Also, the traffic burst that a large transfer would impose
+on the network might keep the participating nodes busy for too long.
+Blocks, on the other hand, can migrate quickly from host to host.
+Storing a large file on a single host also fails to facilitate
+distribution of load for downloading purposes.
 
 
 \subsection{Attacks}
@@ -1106,7 +1106,7 @@
 While this would defeat the use of convergent encryption and increase
 the storage and bandwidth requirements, this would make it infeasible
 for the censor to effectively censor all of the variants.  Since such
-a powerful active attacker is likely to be uncommon the {\em default}
+a powerful active attacker is likely to be uncommon, the {\em default}
 in ECRS is to use convergent encryption.
 
 Both attacks fail to enable intermediaries to exercise editorial
@@ -1172,7 +1172,7 @@
 The triple-hash that was used instead of {\em KBlock}s in our earlier
 work ~\cite{esed} allows for an attack by an active, participating
 adversary.  The following paragraphs first briefly present the original
-scheme, discuss the attack and then compare it with the {\em KBlock}
+scheme and discuss the attack, and then compare it with the {\em KBlock}
 approach taken in this paper.
 
 Let an {\em RBlock} be a new kind of block that also contains the
@@ -1227,21 +1227,21 @@
 work better than the triple-hash against adversaries that
 indiscriminately attempt to abuse network resources, but at the
 expense of higher CPU utilization even in the absence of an attack.
-Thus using the triple-hash scheme may still be reasonable in networks
+Thus, using the triple-hash scheme may still be reasonable in networks
 with limited CPU power or less stringent security requirements.
 
 
 
 \section{Conclusion} \label{conclusion}
 
-This paper has described an encoding scheme which hides the shared
-data from intermediaries.  The encoding uses convergent encryption,
-allows swarming and produces a ciphertext that is not significantly
-larger than the plaintext.  Individual blocks of the ciphertext can be
+This paper has described an encoding scheme which hides shared data
+from intermediaries.  The encoding uses convergent encryption, allows
+swarming and produces a ciphertext that is not significantly larger
+than the plaintext.  Individual blocks of the ciphertext can be
 generated from plaintext without reading unrelated parts of the
-original.  While dictionary attacks on the keywords or known
-plaintext attacks on the content are still possible, they are harmless
-with respect to the goal of deniability for intermediaries.  The basic
+original.  While dictionary attacks on the keywords or known plaintext
+attacks on the content are still possible, they are harmless with
+respect to the goal of deniability for intermediaries.  The basic
 encoding scheme can be extended with directories and name\-spaces.
 Name\-spaces allow for files and directories to be updated.  Using
 $k$-deterministic public-private keys for signing content it is