Is this a confused deputy?

13 views

Skip to first unread message

Alan Karp

unread,

Jun 11, 2025, 6:00:07 PMJun 11

to <friam@googlegroups.com>, cap-...@googlegroups.com

Alice has some files, each for a different subset of her data. For simplicity, say that there is a file for each letter of the alphabet, and a word goes into a file if the word contains the corresponding letter. Bob runs a service that tells Alice which files to update for a given word. If he is malicious, Bob will specify a file not in that set, which Alice will overwrite using her permissions.

--------------
Alan Karp

Mike Stay

unread,

Jun 11, 2025, 8:13:31 PMJun 11

to fr...@googlegroups.com, cap-...@googlegroups.com

Seems more like a type error to me. Alice should expect a set of files of a type that depends on the given word. Bob is providing the service on an open network where Bob is just sending bits, then Alice should either expect Bob's responses to contain a proof that they're a serialization of the right type or Alice should prove it to herself.

--
You received this message because you are subscribed to the Google Groups "friam" group.
To unsubscribe from this group and stop receiving emails from it, send an email to friam+un...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/friam/CANpA1Z2D-mdscZ8H6%3DtjCrjW%3D0-DqyHKV_hkfR4Vmv89D5qw-Q%40mail.gmail.com.

Mike Stay - meta...@gmail.com
https://math.ucr.edu/~mike
https://reperiendi.wordpress.com

Reply all

Reply to author

Forward

0 new messages