random memes }

Security by number

The prior observation leads to a very simple, very high performance design for secure storage.

We could take the abstract notion of a single big number as a key, and omit distinct access-checks. For example, if an object were stored under:


If you did not already have the number (a UUID in this case), the odds of your guessing the right number are essentially none. So simply storing an object under a big number is secure.

The problem with this scheme is that it leaks over time. You can only "find" objects if you already have the number. You would first get the number only via some authenticated path. But once the number is recorded (in an email for example), there is no control over who else gains access in the future.

This leads to the next notion where we introduce time.