The goal of Provider Records Cryptography in the context of Double Hashing is to provide more reader-privacy while having authenticated Provider Records.
Let us know if you have any suggestions or feedback!
A provider record basically is a pointer to a peerid
. It is used in the DHT’s key-value store. The keys are the DHT content identifiers Hash(MH)
, which MH
being the multihash of the content. The value is the peerid
of the peers providing the content associated with Hash(MH)
. So a provider record is a peerid
associated with some content.
As the Provider Records are stored in the DHT key-value store, indexed by the Hash(MH)
they reference, anyone knowing Hash(MH)
can retrieve the provider record, and learn about the content provider, if the provider record isn’t encrypted. The Provider Record (peerid
) can be encrypted with a key derived from the CID
. This would only allow peers knowing CID
to read the Provider Record’s content, knowing Hash(MH)
wouldn’t be enough. As Delegated Routing instances are going to be edge caches run by external/community entities, encrypting provider records prevents them from targeting specific providers / learning provider popularity
Advantages:
CID
(and hence MH
) can create a valid encrypted provider record. This provider record can in any case be verified by any client knowing CID
.peerid
of the content provider is encrypted, and hence cannot be associated with the DHT identifier of some content, namely Hash(MH)
. However, any adversary with the knowledge of CID
still knows the identity of the content provider.peerid
corresponds with the multiaddress of the publisher, it could allow nodes to publish/republish content for other peers.Drawbacks:
peerid
corresponds with the publisher peerid
We decided to use AES256
with GCM
mode of operation. It is an efficient stream cipher providing authenticated encryption. Hence, it enables clients to verify that the publisher of the encrypted provider record knows the CID
.
This algorithm is efficient and quantum-safe.