[messaging] Message persistence

carlo von lynX lynX at i.know.you.are.psyced.org
Fri Jan 23 08:09:20 PST 2015

On Fri, Jan 23, 2015 at 04:35:15PM +0100, Natanael wrote:
> Another point is that if you don't fully trust the storage host, storing
> unmodified ciphertext the way it came in on the wire reveals a bit more

That sounds like an interesting threat model there. You would not
fully trust your storage host, yet expect it to actually forget about
the original crypto transmissions? Why on Earth would it do that?
Only an extremily benign server host would actually do so (that is,
one that is intentionally designed to truly wipe its spool files, not
just mark it deleted as most systems do).

> metadata about usage than uploading blobs of multiple re-encrypted
> ciphertexts. Asking for specific ciphertexts to be deleted also reveals
> more than re-uploading a smaller ciphertext blob to replace a previous one.

You don't need to inform the server about the messages you are no
longer interested in. The server could clean out things by age and
need of storage space. In this case, if you need to backup very old
messages and insist on the metadata-prone server-based architecture,
then re-uploading indeed appears like a possible approach. To me it
sounds like a lot of work for a problem you should maybe better 
address in the basic design: avoid to ever have visible or guessable
metadata - that means, avoid social graphs gathered on servers.
Use distributed relaying architectures.


More information about the Messaging mailing list