Are you interested in how to bring secure, private, peer-to-peer distributable content to the fediverse that can survive nodes going down? I've finished writing the documentation for the Golem demo which explains how to do just that: gitlab.com/spritely/golem/blob

It also includes a running, workable demo which you can try yourself. Please do and let me know your thoughts!

I added a new "Encryption has a shelf life" section to the Caveats section of Golem's writeup. It's an important point I hadn't called out previously! gitlab.com/spritely/golem/blob

> Encryption has a shelf life. In general, secure ciphers from about 15 years ago aren’t secure today, so it’s possible that chunks that are currently only readable by intended recipients can eventually be read by anyone who gets their hands on them. [...]

@cwebber Good stuff!

Re: encryption "shelf life": would the URI scheme support multiple encryption?

Barring weaknesses in the actual ciphers (and the various other ways to undermine encryption), it's unlikely that data encrypted with modern ciphers at sufficient keysizes will ever be able to be decrypted without the key (Bremermann's limit, with the optimal brute-force post-quantum attack against symmetric ciphers being Grover's algorithm, which is mitigated by doubling the keysize).

So one option to mitigate the compromise of a cipher due to some sort of cryptanalytic attack is to use multiple ciphers, each with different keys.

Of course, if Alice is communicating an ephemeral symmetric key to Bob using an asymmetrically encrypted channel, the robustness of the symmetric algorithms won't matter much if an attacker that can monitor network traffic between Alice and Bob may be able to decrypt that key exchange in the future. But that exchange could take place over a more trusted connection that is not available to the public, unlike the e.g. IPFS-stored encrypted messages themselves (though it may still be available to e.g. the NSA/GCHQ/etc). So there is still value in hardening the symmetrically encrypted message as much as Alice and Bob desire based on their threat model.

@mikegerwitz A good set of comments to which I don't honestly have a great reply. My crypto-math-fu is pretty weak here, but the observation of things weakening is partly based on warnings from more cryptographically astute people I know warning of such and also that so many cipher recommendations of yesteryear *have* weakened. But it's hard to tell if I'm over or under cautioning :)

That said if you wanted to compose ciphers, you could set the es= parameter to something that knows to do that

@cwebber To clarify, my second paragraph applies only to symmetric encryption.

You're absolutely not under-cautioning; I don't believe in such a thing in crypto. :) I was inquiring to see if multiple encryption was supported out of caution.

Certain ciphers have been weakened (or broken entirely), absolutely, which is what makes multiple encryption attractive. I didn't mean to suggest otherwise.

Thanks for your reply. I'm hoping to have the time to look into Spritely more deeply after LP2019.
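
Added example, not part of the original thread and not Golem's code: the multiple encryption discussed above, sketched in Node.js as two AEAD layers (AES-256-GCM inside, ChaCha20-Poly1305 outside) with an independent key per layer. The function names and the nonce | tag | ciphertext layout are assumptions made for illustration; how an `es=` value would name such a scheme is not specified here.

```javascript
// Added illustration: cascade ("multiple") encryption with two unrelated ciphers.
// Per-layer layout (an assumption of this sketch): nonce(12) | tag(16) | ciphertext.
const crypto = require('crypto');

const LAYERS = ['aes-256-gcm', 'chacha20-poly1305']; // innermost layer first

function sealLayer(alg, key, data) {
  const nonce = crypto.randomBytes(12); // fresh nonce per message and per layer
  const c = crypto.createCipheriv(alg, key, nonce, { authTagLength: 16 });
  const body = Buffer.concat([c.update(data), c.final()]);
  return Buffer.concat([nonce, c.getAuthTag(), body]);
}

function openLayer(alg, key, blob) {
  if (blob.length < 28) throw new Error('truncated layer');
  const d = crypto.createDecipheriv(alg, key, blob.subarray(0, 12), { authTagLength: 16 });
  d.setAuthTag(blob.subarray(12, 28));
  // final() throws when the tag does not verify (wrong key or tampered data)
  return Buffer.concat([d.update(blob.subarray(28)), d.final()]);
}

// One independent random 256-bit key per layer. A key shared between layers,
// or one derived from the other, would tie the layers' fates together.
function generateKeys() {
  return LAYERS.map(() => crypto.randomBytes(32));
}

function checkKeys(keys) {
  if (keys.length !== LAYERS.length) throw new Error('one key per layer required');
  if (keys[0].equals(keys[1])) throw new Error('layer keys must differ');
}

// Encrypt with the inner cipher first, then wrap the result with the outer one.
function cascadeEncrypt(keys, plaintext) {
  checkKeys(keys);
  return LAYERS.reduce((data, alg, i) => sealLayer(alg, keys[i], data), Buffer.from(plaintext));
}

// Peel the layers in reverse order; either layer failing aborts decryption.
function cascadeDecrypt(keys, blob) {
  checkKeys(keys);
  return LAYERS.reduceRight((data, alg, i) => openLayer(alg, keys[i], data), blob);
}
```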