Question about self encryption and changing credentials

Anticipating questions around self authentication such as “how can it do X?” I have been trying to understand how it works, both from the self_authentication crate docs & example and imagining how that might be used to do what I understand it to achieve. So I may have made some wrong assumptions.

This fits part of @dirvine’s explanation here, about changing credentials but I’m unsure if what I’ve drawn is correct because it doesn’t entirely fit. David says:

This is all in the self_auth paper. It does not create a file but a
pointer to potential files. When you change credentials then a new
pointer is created and old one deleted. So all trace is gone when new
data is on line. Your old data is not gone unless you have the new data.
So there is an implicit read after write check before old account is
gone.

Using my diagram, changing credentials would mean doing another PUT of the datamap using the new credentials, and then using those from that point on. However, if data is never deleted, the old datamap would still be there and although the “pointer” would be changed, i.e. using the new credentials to encrypt/PUT and GET/decrypt (not shown), the old datamap would still be there.

So I guess either my diagram is wrong or there is a way to destroy the old datamap (sounds unlikely).

@dirvine what have I got wrong? Am I anywhere near even?! :)

I did look at the self authentication paper (PDF) but was a bit intimidated and am not sure I could answer this by reading it.

5 Likes

After reading the whitepaper more closely, I think this is actually like a pointer-to-a-pointer mechanism, where the first pointer points to an encrypted randomized string (Access Packet) which you use to compute the second pointer, which points to your actual account data holding the private keys of your identities (Account Packet). The Access Packet is encrypted with your username, the Account Packet with your password. The Access Packet can be updated and the Account Packet can be deleted. A salt is also used in all encryption, which I suspect will be the PIN.

The whitepaper also states that the Access Packet is updated (to contain a new random string) and the old Account Packet deleted and a new Account Packet created (at a unique key, using the new random string as well as your username) every time you stop the current session (logout). I feel this also happens when you change your password.

The whitepaper is naturally very general, so I’m not 100% sure how this works in SAFE exactly in terms of deletion and updating of the Packets.

1 Like
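
A minimal model of the pointer-to-a-pointer scheme as the post above reads it, added here as an illustration and not taken from the whitepaper or the self_authentication crate. The in-memory `STORE`, the function names, the PBKDF2 key derivation and the toy XOR keystream are all assumptions; `rotate` covers a password change, and the same steps with an unchanged password model the per-logout rotation.

```python
import hashlib
import os

STORE = {}  # constructed in-memory stand-in for the network's key/value storage

def kdf(secret: str, pin: str) -> bytes:
    # Assumption from the post: the PIN acts as the salt for every derivation.
    return hashlib.pbkdf2_hmac("sha256", secret.encode(), pin.encode(), 10_000)

def xor_stream(key: bytes, data: bytes) -> bytes:
    # Toy SHA-256 counter keystream standing in for a real cipher (model only).
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + i.to_bytes(8, "big")).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], block))
    return bytes(out)

def access_loc(user: str, pin: str) -> str:
    # First pointer: computable from username and PIN alone.
    return hashlib.sha256(b"access" + kdf(user, pin)).hexdigest()

def account_loc(user: str, rand: bytes) -> str:
    # Second pointer: needs the random string held in the Access Packet.
    return hashlib.sha256(b"account" + user.encode() + rand).hexdigest()

def put_account(user: str, pin: str, password: str, account: bytes) -> str:
    rand = os.urandom(32)
    loc = account_loc(user, rand)
    STORE[loc] = xor_stream(kdf(password, pin), account)
    # Read-after-write check: the pointer only moves once the new copy decrypts.
    if xor_stream(kdf(password, pin), STORE[loc]) != account:
        raise RuntimeError("read-back of new Account Packet failed")
    STORE[access_loc(user, pin)] = xor_stream(kdf(user, pin), rand)  # update pointer
    return loc

def login(user: str, pin: str, password: str) -> bytes:
    rand = xor_stream(kdf(user, pin), STORE[access_loc(user, pin)])
    return xor_stream(kdf(password, pin), STORE[account_loc(user, rand)])

def rotate(user: str, pin: str, old_pw: str, new_pw: str) -> tuple:
    account = login(user, pin, old_pw)
    old_rand = xor_stream(kdf(user, pin), STORE[access_loc(user, pin)])
    old_loc = account_loc(user, old_rand)
    new_loc = put_account(user, pin, new_pw, account)  # new data is live first
    del STORE[old_loc]  # only then is the old Account Packet removed
    return old_loc, new_loc
```

In this model the old Account Packet is removed only after the new one has been written and read back, and nothing in the store points to its former location afterwards.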