[From nobody Tue Nov 18 17:28:04 2008
Return-Path: &lt;p2p-hackers-bounces@lists.zooko.com&gt;
Received: from vscan-c.ucl.ac.uk by ess3.cs.ucl.ac.uk with UK SMTP 
	id &lt;g.09453-0@ess3.cs.ucl.ac.uk&gt;; Sun, 27 Jan 2008 16:19:55 +0000
Received: from misfit.maski.org ([209.40.195.45]) by vscan-c.ucl.ac.uk 
	with esmtp (Exim 4.60) (envelope-from
	&lt;p2p-hackers-bounces@lists.zooko.com&gt;) 
	id 1JJAET-0005uo-Ql; Sun, 27 Jan 2008 16:19:46 +0000
Received: from misfit.maski.org (misfit.maski.org [127.0.0.1]) 
	by misfit.maski.org (Postfix) with ESMTP id CAF76619B9D;
	Sun, 27 Jan 2008 16:19:21 +0000 (UTC)
X-Original-To: p2p-hackers@lists.zooko.com
Delivered-To: p2p-hackers@lists.zooko.com
Received: from nooxie.zooko.com (unknown [207.7.131.41]) 
	by misfit.maski.org (Postfix) with ESMTP id 308DA618A68 
	for &lt;p2p-hackers@lists.zooko.com&gt;;
	Sun, 27 Jan 2008 16:18:56 +0000 (UTC)
Received: from [192.168.1.103] (unknown [209.97.232.250]) 
	by nooxie.zooko.com (Postfix) with ESMTP id 81ACD14C9B7;
	Sun, 27 Jan 2008 09:23:26 -0800 (PST)
Mime-Version: 1.0 (Apple Message framework v753)
In-Reply-To: &lt;001801c8609f$4e287540$ea795fc0$@net&gt;
References: &lt;000501c8609a$6650a390$32f1eab0$@net&gt;
	&lt;001801c8609f$4e287540$ea795fc0$@net&gt;
Message-Id: &lt;715BA506-132B-49F7-8008-306DB15B934A@zooko.com&gt;
From: zooko &lt;zooko@zooko.com&gt;
Date: Sun, 27 Jan 2008 09:18:50 -0700
To: tahoe-dev@allmydata.org, 
	theory and practice of decentralized computer networks
	&lt;p2p-hackers@lists.zooko.com&gt;, Cryptography &lt;cryptography@metzdowd.com&gt;
X-Mailer: Apple Mail (2.753)
Subject: Re: [p2p-hackers] [tahoe-dev] Surely M$ can patent this process?
X-BeenThere: p2p-hackers@lists.zooko.com
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: theory and practice of decentralized computer networks
	&lt;p2p-hackers@lists.zooko.com&gt;
List-Id: theory and practice of decentralized computer networks 
	&lt;p2p-hackers.lists.zooko.com&gt;
List-Unsubscribe: &lt;http://lists.zooko.com/mailman/listinfo/p2p-hackers&gt;, 
	&lt;mailto:p2p-hackers-request@lists.zooko.com?subject=unsubscribe&gt;
List-Archive: &lt;http://lists.zooko.com/pipermail/p2p-hackers&gt;
List-Post: &lt;mailto:p2p-hackers@lists.zooko.com&gt;
List-Help: &lt;mailto:p2p-hackers-request@lists.zooko.com?subject=help&gt;
List-Subscribe: &lt;http://lists.zooko.com/mailman/listinfo/p2p-hackers&gt;, 
	&lt;mailto:p2p-hackers-request@lists.zooko.com?subject=subscribe&gt;
Content-Type: text/plain; charset=&quot;windows-1252&quot;
Content-Transfer-Encoding: quoted-printable
Sender: p2p-hackers-bounces@lists.zooko.com
Errors-To: p2p-hackers-bounces@lists.zooko.com
X-UCL-MailScanner-Information: Please contact the UCL Helpdesk, 
	helpdesk@ucl.ac.uk for more information
X-UCL-MailScanner: Found to be clean
X-UCL-MailScanner-From: p2p-hackers-bounces@lists.zooko.com
X-Spam-Status: No

[adding Cc: p2p-hackers and cryptography mailing lists as explained  =

below; Please trim your follow-ups as appropriate.]

Dear Gary Sumner:


On Jan 26, 2008, at 9:44 PM, Gary Sumner wrote:
&gt; I was researching on the weekend and came across Tahoe=85very  =

&gt; exciting and can=92t wait to delve in and understand more in detail.
&gt;
&gt; I was reading over Plank=92s work around erasure encoding and that  =

&gt; lead me to Tahoe. One thing that I was really looking for was to be  =

&gt; able to encrypt the data before storing it  and so was very excited  =

&gt; when I read your architecture doc and it says =93When a file is to be  =

&gt; added to the grid, it is first encrypted using a key that is  =

&gt; derived from the hash of the file itself.=94 This seems perfectly  =

&gt; logical and natural way to apply this technique. However,  =

&gt; researching also lead me to a patent M$ has been granted on this  =

&gt; exact process:
&gt;
&gt; Encryption Systems and Methods for Identifying and Coalescing  =

&gt; Identical Objects Encrypted with Different Keys - http:// =

&gt; patft.uspto.gov/netacgi/nph-Parser?Sect1=3DPTO2&amp;Sect2=3DHITOFF&amp;p=3D1&amp;u=3D=
% =

&gt; 2Fnetahtml%2FPTO%2Fsearch- =

&gt; bool.html&amp;r=3D1&amp;f=3DG&amp;l=3D50&amp;co1=3DAND&amp;d=3DPTXT&amp;s1=3D6983365.PN.&amp;OS=3DPN/ =

&gt; 6983365&amp;RS=3DPN/6983365
&gt;

I haven't read that patent, so I can't say whether it applies to what  =

allmydata.org Tahoe does or not.  By default, for immutable files  =

(but not for mutable files or directories), Tahoe sets the encryption  =

key equal to the tagged hash of the file contents.  (A tagged hash is  =

simply a hash of the data prefixed by a tag to distinguish it from  =

other uses of hash functions).  You don't have to use Tahoe this way,  =

however:

&gt; The encryption before storing is critical for my application.
&gt;
If, for any reason, you don't want to let your encryption key be  =

produced from the secure hash of the file contents, then Tahoe can  =

instead use a randomly-generated encryption key.  The drawback of  =

doing it this way -- with a random encryption key -- is that you lose  =

the &quot;deduplication&quot; feature: two people who independently store the  =

same file contents will use twice as much space, instead of each of  =

them having a pointer to a single stored copy.  The advantages of  =

doing it with a random encryption key are that you get a stronger  =

guarantee about the confidentiality of the contents of your files,  =

and it is faster as you don't need to process the whole file (in  =

order to generate the encryption key) before beginning to upload the  =

file.

&gt; Surely there must be prior art on this technique to refute this  =

&gt; patent?
&gt;

That's an interesting question, and I'm carbon-copying the p2p- =

hackers and cryptography mailing lists to ask if anyone knows.  I  =

learned about this technique from Jim McCoy and Doug Barnes in their  =

design of Mojo Nation.  I don't remember whether this technique was  =

mentioned in Jim McCoy's personal communication of Mojo Nation to me  =

in the summer of 1998, but it was definitely present in the design  =

when I started working for Jim and Doug on Mojo Nation in 1999, and  =

when Mojo Nation was first announced to the world at DefCon in July  =

2000 [1, 2].  I don't know if Jim came up with the idea ex nihilo or  =

was exposed to it in the swirling soup of ideas that we lived in at  =

the time: cypherpunks / Electric Communities (which had many ideas  =

gleaned from Xanadu) / Financial Cryptography / etc..

I remember reading about the newly announced Freenet project in 2000  =

and being surprised at how many similarities its design had to our  =

unannounced Mojo Nation project.  The influential Freenet paper [3]  =

was published in July, 2000 -- one month too late to count as prior  =

art for that patent, which was filed May 2000.  However, that paper  =

was based on Ian Clarke's master's thesis, which was published in  =

1999.  Let's see...  A there it is: [4].  Hm, no it does not seem to  =

contain the notion that the 2000 Freenet paper would popularize as  =

&quot;Content Hash Keys&quot;.

I've also just now re-read The Eternity Service (Anderson, 1996) [5],  =

and it, like Clarke 1999, omits details of encryption.

It's an interesting puzzle of intellectual history.  The idea  =

certainly seems to have been &quot;in the air&quot;, as both Mojo Nation and  =

Freenet were working on it before the May 2000 patent submission by  =

Doceur et al., but Mojo Nation and Freenet each published the idea  =

shortly after May 2000.  According to my limited understanding of  =

patent law, this means that they don't count as prior art on that  =

patent.

Regards,

Zooko

[1] http://www.mccullagh.org/image/950-12/jim-mccoy-mojonation.html
[2] http://web.archive.org/web/20001118214000/http:// =

www.mojonation.net/docs/technical_overview.shtml
[3] http://citeseer.ist.psu.edu/420356.html
[4] http://citeseer.ist.psu.edu/380453.html
[5] http://citeseer.ist.psu.edu/anderson96eternity.html
_______________________________________________
p2p-hackers mailing list
p2p-hackers@lists.zooko.com
http://lists.zooko.com/mailman/listinfo/p2p-hackers
]