-
Notifications
You must be signed in to change notification settings - Fork 76
"zero knowledge" does not seem to be the right term #4
Comments
Yes, totally agree. I am even aware of there was a long discussion about The reason why I am using it is mainly for marketing purpose. I understand for those who have cryptography background, I am going to put more clear words in the disclaimer section in regarding this. Thanks for your suggestions anyway, @kwantam ! |
Sorry, but this reasoning does not make sense to me. You know that you're lying about the properties of zbox and that sophisticated users will recognize this, and you are choosing to make a false statement. This is harmful to the community, the project, and your users, full stop. In more detail:
If you are really worried that users will not use zbox because you don't call it "zero knowledge," a more constructive approach is to use the proper terminology ("semantically secure" or just "secure") in your project description, and then add a FAQ like Is zbox a "zero knowledge" filesystem? The term zero knowledge has been misused by other projects. There is no such thing as a "zero knowledge filesystem"---it is a misuse of cryptographic terminology and it does not mean anything. The correct term is semantically secure, which means that the filesystem reveals nothing about its contents other than an upper bound on the total size. This is a very strong security property, and it is one that most other secure filesystems do not give (for example, because they leak metadata). |
Zbox looks like a terrific project, but I agree that the "zero-knowledge" terminology is misleading here, and should be removed from the description. |
Thanks @jedisct1 and @kwantam , your suggestions are really making sense to me now. The term is indeed misleading in professionals' eyes. I even saw somebody is already misled on reddit. Alright, as I do prefer the word |
Why not just "encrypted"? Or if you want to add an adjective, "fully encrypted"? With "zero leakage", people are going to point out side channels. |
If you're trying to keep zero and part of the description, perhaps "zero details"? Use something that's not confusable with a wrongly used cryptographic term. edit: Hmm, "zero environment" maybe? |
At SpiderOak, we changed the term "Zero Knowledge" to "No Knowledge" for this exact same reason a few months ago. Here's our blog post about it. |
On a similar note, it seems that nothing has been done to ensure that the plaintext password or the encryption keys never get written out to disk during swapping. |
Well it worked. I clicked on the link just because of that particular term. Subjectively the feeling of being cheated was weaker than my overall positive impression. This project is cool. You've got the initial attention. IMHO it's time to change it to reflect the reality. |
@jedisct1 , good point. But IMHO that will lost the most differential selling point, and makes people thinking "oh, nothing new there, that's just anther boring encrypted file system". |
@kylone , "zero details" sounds a more proper term for me. Thanks. |
@diegomarcov , yes I saw that discussion happened on HN as well, and you guys done a great job when dealing with it. |
@pinkisemils , managing the plaintext password is not Zbox's responsibility. As you can see from this link, For the encryption key, it is derived from the plaintext password by libsodium password hash, and all the keys are managed by the |
@letalvoj , thanks. I will change it soon in the next release. |
I've changed the term to |
@burmecia Thank you very much for elaborating! |
The project's description says
This seems to be false: there is nothing "zero knowledge" about this (or any) filesystem. Zero knowledge is a property of a proof; informally, it means that the proof reveals nothing except its correctness [1].
I think the term you're looking for is something closer to "semantic security" [2], meaning that the filesystem does not leak anything about the contents except their length.
I am aware that several other projects currently misuse this terminology in the same way you are. It's harmful to your users (in that it misinforms them), to the community (in that it confuses useful pieces of terminology), and to your project (in that it looks unschooled) to follow their example.
[1] https://en.wikipedia.org/wiki/Zero-knowledge_proof
[2] https://en.wikipedia.org/wiki/Semantic_security
The text was updated successfully, but these errors were encountered: