path: root/HTTP/RateLimit.hs
Commit message | Author | Age

* rejigger to avoid division underflow (Joey Hess, 2016-09-14)

* Make rate limiter adapt to ongoing load more quickly -- every 15 minutes instead of every 60. (Joey Hess, 2016-09-14)

* format (Joey Hess, 2016-09-14)

* constructed the bloom filter wrong (Joey Hess, 2016-09-14)

* use less expensive hash for proof of work (Joey Hess, 2016-09-13)
  The server has to run the hash once to verify a request, so a hash that took 4 seconds could make the server do too much work if it's being flooded with requests. So, made the hash much less expensive. This required keeping track of fractional seconds. Actually, I used Rational for them, to avoid most rounding problems. That turned out nice. I've only tuned the proofOfWorkHashTunable on my fanless overheating laptop so far. It seems to be fairly reasonably tuned though.

* eliminate half the bloom filters, using HMAC to verify RequestIDs (Joey Hess, 2016-09-13)
  Simplifies code, uses less memory, and doesn't need to protect against flooding generation of RequestIDs, since the server does not store them at all. Note that the RequestIDSecret is only stored in ram, so restarting the server will invalidate any RequestIds given out before. It would be possible now to store that on disk to avoid that problem, but probably not worth it.

* made fallback request queue fair (Joey Hess, 2016-09-13)
  Once on the queue, requests should not need to contend with other requests that are not on the queue, so added a fallback request bucket. tokenBucketWait is not fair, so ensure FIFO processing of the queue by using a FairRWLock.

* use fast-logger for better logging (Joey Hess, 2016-09-13)

* implemented dynamic rate limiting (Joey Hess, 2016-09-13)

* improved rate limiter (Joey Hess, 2016-09-13)
  Now caps total request rate even if attacker is willing to burn infinite CPU on PoW.

* got my usec conversion wrong (Joey Hess, 2016-09-13)

* Revert "refactor" (Joey Hess, 2016-09-13)
  This reverts commit 48ec718a6211a71ae0a796eb1c3a6ea091dc6e14.

* got my usec conversion wrong (Joey Hess, 2016-09-13)

* refactor (Joey Hess, 2016-09-13)

* half the fill rate (Joey Hess, 2016-09-13)
  This decreases the possible maximumStorageRate by half, down from 10 gb/month to 5 gb/month, which is probably a tolerable amount for many servers; that's 16 months to fill up a terabyte disk.

* use half as many token buckets (Joey Hess, 2016-09-13)
  (down from 7 to 4) This decreases the possible maximumStorageRate by half, down from 18 gb/month to 10 gb/month.

* maximumStorageRate calculation (Joey Hess, 2016-09-13)

* use token bucket as the random salt generation rate limiter (Joey Hess, 2016-09-13)
  This avoids a 1s delay in requests, except when an attacker is flooding them.

* add proof of work to countobjects (Joey Hess, 2016-09-12)
  In this case, an empty string is hashed to generate the PoW.

* implement client-server Proof Of Work (Joey Hess, 2016-09-12)
  Mashed up an argon2-based PoW with token buckets and bloom filters. This is intended to prevent a few abuses including:
  * Using a keysafe server for general file storage, by storing a whole lot of chunks.
  * An attacker guessing names that people will use, and uploading junk to keysafe servers under those names, to make it harder for others to use keysafe later.
  * An attacker trying to guess the names used for objects on keysafe servers in order to download them and start password cracking. (As a second level of defense, since the name generation hash is expensive already.)
  Completely untested, but it builds! This commit was sponsored by Andreas on Patreon.