We need an encryption scheme that can handle some of our quirks. It must be able to:
Allow decryption walking forwards up the pulsechain, if the node key is still part of the validator group
Allow decryption walking backwards from latest, if the node key is still part of the validator group
Allow decrypting parts of a pulse that have not changed since before the last key change
Allow changing the key encryption scheme as well as changing the keys
Allow access based on a node's public key
Maybe not require volumes of data proportional to the number of validators each time a key is changed
Maybe allow all validators to compute a shared key with nobody knowing the full key, with changes requiring new source material be submitted by all validators
Because we store the hashes of encrypted data, after the key has changed, a large portion of the hashes that make up a Pulse may refer to data that was encrypted using an earlier key.
We may need the ability to re-encrypt an entire chain in the event of a key compromise. This might be avoidable using perfect forward secrecy style schemes, where the loss of a key would only lose the block it represented.
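One possible way to meet the backwards-walking and unchanged-parts requirements above, as an added example that is not the project's own code: every ciphertext carries a key-epoch tag, and each new key wraps the previous one. The function names, the envelope layout, the choice of AES-256-GCM and the sample pulse contents are all assumptions.

```javascript
// Added illustration, not project code; every name and the envelope layout are assumptions.
const { createCipheriv, createDecipheriv, createHash, randomBytes } = require('node:crypto');

// Envelope: epoch (4 bytes) | iv (12) | GCM tag (16) | ciphertext.
function seal(epoch, key, plaintext) {
  const head = Buffer.alloc(4);
  head.writeUInt32BE(epoch);
  const iv = randomBytes(12);
  const c = createCipheriv('aes-256-gcm', key, iv);
  c.setAAD(head); // authenticate the epoch tag along with the data
  const body = Buffer.concat([c.update(plaintext), c.final()]);
  return Buffer.concat([head, iv, c.getAuthTag(), body]);
}
function unseal(key, env) {
  const d = createDecipheriv('aes-256-gcm', key, env.subarray(4, 16));
  d.setAAD(env.subarray(0, 4));
  d.setAuthTag(env.subarray(16, 32));
  return Buffer.concat([d.update(env.subarray(32)), d.final()]);
}
const hashOf = (buf) => createHash('sha256').update(buf).digest('hex');

// Key change: the new key wraps the previous one, so the size of a change
// does not depend on how much old data exists.
// chain[i] holds the epoch-i key sealed under the epoch-(i+1) key.
function rotate(chain, currentKey) {
  const key = randomBytes(32);
  return { key, chain: [...chain, seal(chain.length + 1, key, currentKey)] };
}
// Walk backwards from the latest key to the epoch named in the envelope.
function decrypt(latestKey, chain, env) {
  let key = latestKey;
  for (let e = chain.length; e > env.readUInt32BE(0); e--) key = unseal(key, chain[e - 1]);
  return unseal(key, env);
}

function demo() {
  let key = randomBytes(32), chain = [];
  const store = new Map(); // constructed content-addressed store: hash -> envelope
  const put = (epoch, text) => {
    const env = seal(epoch, key, Buffer.from(text));
    store.set(hashOf(env), env);
    return hashOf(env);
  };
  const pulse0 = { state: put(0, 'state v1'), config: put(0, 'config v1') };
  ({ key, chain } = rotate(chain, key));
  // Only the changed part is encrypted under the new key; config keeps its old hash.
  const pulse1 = { state: put(1, 'state v2'), config: pulse0.config };
  const read = (h) => decrypt(key, chain, store.get(h)).toString();
  return { pulse0, pulse1, state: read(pulse1.state), config: read(pulse1.config), old: read(pulse0.state) };
}
```

The trade-off is that whoever holds the latest key can unwrap every earlier one, so this chain gives backwards walking at the cost of the forward-secrecy property discussed above. Distributing the latest key to validators by public key is left out.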