Re: [Apso-devel] Hiding revision IDs

apso-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Apso-devel] Hiding revision IDs

From:	Ulf Ochsenfahrt
Subject:	Re: [Apso-devel] Hiding revision IDs
Date:	Thu, 26 Oct 2006 13:10:34 +0200
User-agent:	Thunderbird 1.5.0.7 (X11/20060927)

Jeronimo Pellegrini wrote:

This was brought up by Ulf Ochsenfahrt on Monotone-devel.

Currently, Apso stores encrypted deltas in files whose name
is the revision ID.

Suppose you're working on project MyBSD, which is a modified version
of the FreeBSD kernel. Then one day you resync with the FreeBSD
tree. This delta from the BSD tree is well-known, and it would
show to an attacker that you are working on a fork of FreeBSD.

Maybe there is a way to not give away the revision ID like that?

We could use random strings to identify encrypted deltas, and then
we'd need to keep an ancestry map of these IDs, and a mapping from
them onto real revision hashes.

I've also thought about this. Maybe there is a better way to do this. Idon't know the internal data structure, so I'll just give it a shot.Correct me if I'm making any incorrect assumptions.

The revision id is a SHA1 checksum, so you can't tell anything just fromthe number. However, there is the manifest, and the manifest correlatesthe revision id to the revision contents. Now if you'd encrypt themanifest, that would help with reducing the amount of 'leaked'information. However, that means you can't sync anymore, because syncneeds to know what is contained in the revision. Now, you could splitthe manifest. One part contains the relationship between filenames andfile contents, and is encrypted. And the other contains just a list ofcontent ids. When syncing, you don't really need to know what thefilename is, you just need to figure out which (binary) blobs to transfer.

This doesn't save against a correlation attack. Someone can look at onerevision and see the content ids there and look at another and see thosethere. If a lot of ids are identical (a lot of unchanged files, which isnot unusual), then the attacker can infer that there must be arelationship between those revisions. So when he can see the database,he might be able to infer the revision graph.


Cheers,

-- Ulf

smime.p7s
Description: S/MIME Cryptographic Signature

[Prev in Thread]

Current Thread

[Next in Thread]

[Apso-devel] Hiding revision IDs, Jeronimo Pellegrini, 2006/10/26
- Re: [Apso-devel] Hiding revision IDs, Ulf Ochsenfahrt <=
  - Re: [Apso-devel] Hiding revision IDs, Jeronimo Pellegrini, 2006/10/26
    - Re: [Apso-devel] Hiding revision IDs, Jeronimo Pellegrini, 2006/10/26
    - Re: [Apso-devel] Hiding revision IDs, Ulf Ochsenfahrt, 2006/10/26
    - Re: [Apso-devel] Hiding revision IDs, Jeronimo Pellegrini, 2006/10/27
    - Re: [Apso-devel] Hiding revision IDs, Jeronimo Pellegrini, 2006/10/27

Prev by Date: [Apso-devel] Hiding revision IDs
Next by Date: Re: [Apso-devel] Hiding revision IDs
Previous by thread: [Apso-devel] Hiding revision IDs
Next by thread: Re: [Apso-devel] Hiding revision IDs
Index(es):
- Date
- Thread