Hey Ivan.
Private data is disseminated in a point
to point manner among peers even now.
The peers that posses the private data,
send the peers that don't (but are eligible of receiving it) the hash pre-images,
and the receiving peers validate the hash pre-images indeed correspond
to the hashes on the public block.
I don't see any technical obstacle that
prevents you to add a salt per collection name for a given transaction,
that will be concatenated to the computation of the hash of the key and
the value for the said collection.
The salt can be part of the data element
that is generated at the time of chaincode invocation, and will be passed
along with the private data itself.
I don't agree that point to point connections
defeat the purpose of the Blockchain, as the all this point to point data
that is kept off-chain can be easily and efficiently verified if needed
since its value is bound to the public blocks.
- Yacov.
From:
"Ivan Ch"
<acizlan@...>
To:
fabric@...
Date:
10/22/2019 12:23 PM
Subject:
[EXTERNAL] Re:
[Hyperledger Fabric] Major security hole in Hyperledger Fabric - Private
Data is not private #fabric #fabric-questions #fabric-dstorage #database
#dstorage #dstorage-fabric #fabric-chaincode #ssl
Sent by:
fabric@...
thanks for reply
but I think you guys are down playing the seriousness of this issue.
if u add salt then the salt must be passed to others so others can validate.
to avoid others to launch dictionary attack, u must (in ur implementation)force
peers to use private point2point connections to send the hash, otherwise
u may create another security hole.
plus, forcing p2p connection among participants would literally destroy
the purpose of blockchain.
this functionality need to change its name to something like "chain
hash" to save others falsely believe this is a data privacy functionality.
i know there must be marketing concerns calling it "private data",
but u guys need to be responsible
