GNU social JP
  • FAQ
  • Login
GNU social JPは日本のGNU socialサーバーです。
Usage/ToS/admin/test/Pleroma FE
  • Public

    • Public
    • Network
    • Groups
    • Featured
    • Popular
    • People

Conversation

Notices

  1. Embed this notice
    Per Vognsen (pervognsen@mastodon.social)'s status on Wednesday, 19-Mar-2025 02:36:55 JST Per Vognsen Per Vognsen

    Something I hadn't really considered before (I'm sure old news to security folks) is that there's an information-theoretic security principle with content-addressable storage that is reminiscent of object-capability security. You can't "guess" content hashes in an ideal oracle CAS (i.e. no timing leaks/side channels). So you can only access content by querying the CAS if you either already have the content or if you received a content hash from someone or somewhere else.

    In conversation about a year ago from mastodon.social permalink
    • Embed this notice
      Per Vognsen (pervognsen@mastodon.social)'s status on Wednesday, 19-Mar-2025 02:36:55 JST Per Vognsen Per Vognsen
      in reply to

      So if you don't know anything, you're completely stuck. You need at least one root hash. And if that's valid you get at the content and from there you can do the usual thing of following hash-links to get other content. But you have a kind of transitivity or downward-closure principle that seems almost the same as with object-capability security. Like, I obviously understood this is how Git and other CAS systems work, I just hadn't formulated it to myself as an information-security thing.

      In conversation about a year ago permalink
    • Embed this notice
      Per Vognsen (pervognsen@mastodon.social)'s status on Wednesday, 19-Mar-2025 02:36:55 JST Per Vognsen Per Vognsen
      in reply to

      To extend the analogy I guess you can also add to this revocable capabilities if you selectively indirect through a mutable oracle store with random GUIDs as keys and content hashes as values. You should end up with some kind of forward-secure version of the downward-closure property where you can only access content which is reachable from known content hashes without going through revoked links.

      In conversation about a year ago permalink

Feeds

  • Activity Streams
  • RSS 2.0
  • Atom
  • Help
  • About
  • FAQ
  • TOS
  • Privacy
  • Source
  • Version
  • Contact

GNU social JP is a social network, courtesy of GNU social JP管理人. It runs on GNU social, version 2.0.2-dev, available under the GNU Affero General Public License.

Creative Commons Attribution 3.0 All GNU social JP content and data are available under the Creative Commons Attribution 3.0 license.