Blobs

Blobs provide read-only, content-addressed, encrypted storage. As such, they are vulnerable to chosen-plaintext attacks, including the confirmation-of-a-file and learn-the-remaining-information attacks described by Tahoe-LAFS. Converge employs a mitigation strategy similar to that of Tahoe-LAFS: the key derivation for each blob mixes in a secret convergence domain, so blobs are only deduplicated within that convergence domain.

References

Blob references are generated by hashing the entire serialization of the blob. Whichever hash primitive is used, it is domain-separated with the string "Converge Blob Reference".

Encryption and Decryption

The ciphertext held within a blob is produced using deterministic authenticated encryption with associated data, under the domain "Converge Blob Encryption", with the serialized set of references as the associated data (byte 85 to the end in this example). The convergence domain is determined by the calling application and may be empty.
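A worked model of the scheme described above, added here as an example and not Converge's own code: the key is derived from the encryption domain, the secret convergence domain and the plaintext; a SIV-style tag binds the serialized references as associated data; and the reference hashes the whole serialized blob under its own domain. The HMAC-SHA256 PRF, the PRF-driven keystream standing in for the real cipher, and the tag | length | ciphertext | references layout are assumptions of this example.

```python
import hashlib
import hmac
from typing import List, Optional, Tuple

# Domain strings are from the page. The primitives (HMAC-SHA256 as PRF and a
# PRF-driven keystream as the deterministic AEAD) are stand-ins chosen for this
# example, not the ciphers Converge itself uses.
REF_DOMAIN = b"Converge Blob Reference"
ENC_DOMAIN = b"Converge Blob Encryption"
TAG_LEN = 32


def prf(key: bytes, *parts: bytes) -> bytes:
    """HMAC-SHA256 over length-prefixed parts so adjacent fields cannot slide."""
    mac = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        mac.update(len(p).to_bytes(8, "big") + p)
    return mac.digest()


def serialize_refs(refs: List[bytes]) -> bytes:
    """Associated data: the serialized set of references, sorted and length-prefixed."""
    return b"".join(len(r).to_bytes(2, "big") + r for r in sorted(refs))


def xor_keystream(tag: bytes, data: bytes) -> bytes:
    """Toy stream cipher keyed by the tag (synthetic IV); same tag -> same keystream."""
    blocks = -(-len(data) // 32)
    stream = b"".join(prf(tag, i.to_bytes(8, "big")) for i in range(blocks))
    return bytes(a ^ b for a, b in zip(data, stream))


def encrypt_blob(plaintext: bytes, refs: List[bytes], convergence_domain: bytes) -> Tuple[bytes, bytes]:
    """Return (key, blob). The key is convergent: same domain + plaintext -> same blob."""
    ad = serialize_refs(refs)
    key = prf(ENC_DOMAIN, convergence_domain, plaintext)
    tag = prf(key, ad, plaintext)  # SIV-style tag binds references and plaintext
    ciphertext = xor_keystream(tag, plaintext)
    return key, tag + len(ciphertext).to_bytes(4, "big") + ciphertext + ad


def decrypt_blob(blob: bytes, key: bytes) -> Optional[bytes]:
    """Recover plaintext, then verify the tag over (references, plaintext); None on mismatch."""
    tag, n = blob[:TAG_LEN], int.from_bytes(blob[TAG_LEN:TAG_LEN + 4], "big")
    ciphertext, ad = blob[TAG_LEN + 4:TAG_LEN + 4 + n], blob[TAG_LEN + 4 + n:]
    plaintext = xor_keystream(tag, ciphertext)
    if not hmac.compare_digest(tag, prf(key, ad, plaintext)):
        return None
    return plaintext


def reference(blob: bytes) -> bytes:
    """Hash of the entire serialized blob, domain-separated with REF_DOMAIN."""
    return prf(REF_DOMAIN, blob)
```

Two writers sharing a convergence domain produce byte-identical blobs (and so one reference) for the same plaintext, while a different domain yields a different reference; editing the reference list or supplying the wrong key makes the tag check fail.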

Applications must treat data stored in blobs whose convergence domain is under 96 bits as less private, since a short domain can be guessed and the chosen-plaintext attacks above become feasible again!