Tahoe-LAFS
{{Short description|File system}}
{{Infobox software
| title =
| logo = File:Tahoe-LAFS-logo-kpreid-2.svg
| screenshot =
| caption =
| collapsible =
| author =
| developer =
| discontinued =
| latest release version = 1.20.0{{cite mailing list|title=release 1.20.0|url=https://lists.tahoe-lafs.org/pipermail/tahoe-dev/2024-December/010111.html|date=2024-12-19|access-date=2024-12-29|mailing-list=tahoe-dev}}
| latest release date = {{Start date and age|2024|12|19|df=yes/no}}
| latest preview version =
| latest preview date =
| programming language = Python{{cite web |last1=Willis |first1=Nathan |title=Weekend Project: Get Started with Tahoe-LAFS Storage Grids |url=https://www.linux.com/training-tutorials/weekend-project-get-started-tahoe-lafs-storage-grids/ |website=Linux.com |date=17 February 2012 |access-date=5 March 2021 |archive-date=27 October 2021 |archive-url=https://web.archive.org/web/20211027194423/https://www.linux.com/training-tutorials/weekend-project-get-started-tahoe-lafs-storage-grids/ |url-status=live }}
| operating system = Cross-platform
| platform =
| size =
| language = English
| genre = Cloud computing
| license = Choice of GNU GPL 2+ and a custom open source licence with a grace period{{Cite web |url=https://tahoe-lafs.org/trac/tahoe-lafs/browser/git/docs/about.rst |title=About.RST in trunk/Docs – Tahoe-LAFS |access-date=2013-01-07 |archive-date=2020-06-07 |archive-url=https://web.archive.org/web/20200607223504/https://www.tahoe-lafs.org/trac/tahoe-lafs/browser/trunk/docs/about.rst |url-status=live }}
| website = {{URL|https://tahoe-lafs.org/}}
}}
Tahoe-LAFS (Tahoe Least-Authority File Store{{cite web|url=https://tahoe-lafs.org/trac/tahoe-lafs|title=Tahoe-LAFS wiki|publisher=tahoe-lafs.org|access-date=2014-12-01|archive-date=2014-12-05|archive-url=https://web.archive.org/web/20141205120805/https://tahoe-lafs.org/trac/tahoe-lafs|url-status=live}}) is a free and open, secure, decentralized, fault-tolerant, distributed data store and distributed file system.{{cite web |last1=Paul |first1=Ryan |title=P2P-like Tahoe filesystem offers secure storage in the cloud |url=https://arstechnica.com/information-technology/2009/08/p2p-like-tahoe-filesystem-offers-secure-storage-in-the-cloud/ |website=Ars Technica |language=en-us |date=4 August 2009 |access-date=3 March 2021 |archive-date=11 January 2021 |archive-url=https://web.archive.org/web/20210111124717/https://arstechnica.com/information-technology/2009/08/p2p-like-tahoe-filesystem-offers-secure-storage-in-the-cloud/ |url-status=live }}{{cite web |last=Monteiro |first=Julian Geraldes |title=Modeling and Analysis of Reliable Peer-to-Peer Storage Systems |access-date=15 December 2012 |publisher=Université de Nice |location=Sophia Antipolis |pages=17 |date=16 November 2010 |url=http://hal-unice.archives-ouvertes.fr/docs/00/54/57/24/PDF/these-jmonteiro.pdf |archive-date=2 July 2013 |archive-url=https://web.archive.org/web/20130702204900/http://hal-unice.archives-ouvertes.fr/docs/00/54/57/24/PDF/these-jmonteiro.pdf |url-status=live }} It can be used as an online backup system, or to serve as a file or Web host similar to Freenet,{{citation needed|date=March 2021}} depending on the front-end used to insert and access files in the Tahoe system. Tahoe can also be used in a RAID-like fashion using multiple disks to make a single large Redundant Array of Inexpensive Nodes (RAIN) pool of reliable data storage.
The system is designed and implemented around the "principle of least authority" (POLA), described by Brian Warner (one of the project's original founders) as the idea "that any component of the system should have as little power of authority as it needs to get its job done".{{cite web |last1=Byfield |first1=Bruce |title=Hide Cloud Data from the Cloud Vendor |url=https://www.linuxpromagazine.com/Online/Features/Hide-Cloud-Data-from-the-Cloud-Vendor |publisher=Linux Magazine |date=20 May 2014 |access-date=3 March 2021 |archive-date=27 February 2021 |archive-url=https://web.archive.org/web/20210227042139/https://www.linuxpromagazine.com/Online/Features/Hide-Cloud-Data-from-the-Cloud-Vendor |url-status=live }} Strict adherence to this convention is enabled by the use of cryptographic capabilities that provide the minimum set of privileges necessary to perform a given task by asking agents. A RAIN array acts as a storage volume; these servers do not need to be trusted by confidentiality or integrity of the stored data.
History
Tahoe-LAFS was started in 2006 at online backup services company All My Data and has been actively developed since 2007.{{cite web |last1=O'Brien |first1=Danny |title=Tahoe and Tor: Building Privacy on Strong Foundations |url=https://www.eff.org/deeplinks/2013/08/tahoe-and-tor-building-privacy-strong-foundations |publisher=Electronic Frontier Foundation |access-date=3 March 2021 |language=en |date=6 September 2013 |archive-date=25 January 2021 |archive-url=https://web.archive.org/web/20210125051256/https://www.eff.org/deeplinks/2013/08/tahoe-and-tor-building-privacy-strong-foundations |url-status=live }} In 2008, Brian Warner and Zooko Wilcox-O'Hearn published a paper on Tahoe at the 4th ACM international workshop on Storage security and survivability.{{cite journal |last1=Wilcox-O'Hearn |first1=Zooko |last2=Warner |first2=Brian |title=Tahoe: the least-authority filesystem |journal=Proceedings of the 4th ACM International Workshop on Storage Security and Survivability |date=31 October 2008 |pages=21–26 |doi=10.1145/1456469.1456474 |url=https://eprint.iacr.org/2012/524.pdf |publisher=Association for Computing Machinery |s2cid=12056440 |access-date=5 March 2021 |archive-date=26 January 2021 |archive-url=https://web.archive.org/web/20210126040316/https://eprint.iacr.org/2012/524.pdf |url-status=live }}
When All My Data closed in 2009, Tahoe-LAFS became a free software project under the GNU General Public License or The Transitive Grace License, which allows owners of the code twelve months to profit from their work before releasing it. In 2010, Tahoe-LAFS was mentioned as a tool against censorship by the Electronic Frontier Foundation.{{cite web |last1=Palmer |first1=Chris |title=Constructive Direct Action Against Censorship |url=https://www.eff.org/deeplinks/2010/12/constructive-direct-action-against-censorship |publisher=Electronic Frontier Foundation |language=en |date=14 December 2010 |access-date=3 March 2021 |archive-date=20 January 2021 |archive-url=https://web.archive.org/web/20210120111653/https://www.eff.org/deeplinks/2010/12/constructive-direct-action-against-censorship |url-status=live }} In 2013, it was one of the hackathon projects at the GNU 30th anniversary.{{cite web |title=GNU 30th anniversary celebration and hackathon |url=https://www.gnu.org/gnu30/celebration.html |date=28 September 2013 |access-date=3 March 2021 |archive-date=4 April 2021 |archive-url=https://web.archive.org/web/20210404094030/https://www.gnu.org/gnu30/celebration.html |url-status=live }}
Functionality
The Tahoe-LAFS Client sends an unencrypted file via a web API to the HTTPS Server. The HTTPS Server passes the file off to the Tahoe-LAFS Storage client which encrypts the file and then uses erasure coding to store fragments of the file on multiple storage drives.{{cite web|last=Huchton|first=Scott|title=Secure mobile distributed file system (MDFS)|url=https://calhoun.nps.edu/bitstream/handle/10945/5758/11Mar_Huchton.pdf|publisher=Monterey, California. Naval Postgraduate School|access-date=15 December 2012|pages=8–9|date=March 2011|archive-date=21 October 2021|archive-url=https://web.archive.org/web/20211021150315/https://calhoun.nps.edu/bitstream/handle/10945/5758/11Mar_Huchton.pdf|url-status=live}}
Tahoe-LAFS features "provider-independent security", in that the integrity and confidentiality of the files are guaranteed by the algorithms used on the client, independent of the storage servers, which may fail or may be operated by untrusted entities. Files are encrypted using AES, then split up using erasure coding, such that only a subset K of the original N servers storing the file chunks need to be available in order to recreate the original file.{{cite web |last1=Haver |first1=Eirik |last2=Melvold |first2=Eivind |last3=Ruud |first3=Pål |title=Cloud Storage Vault |url=https://ntnuopen.ntnu.no/ntnu-xmlui/handle/11250/262465 |publisher=Institutt for telematikk |access-date=3 March 2021 |pages=20–21 |date=2011 |archive-date=27 October 2021 |archive-url=https://web.archive.org/web/20211027194426/https://ntnuopen.ntnu.no/ntnu-xmlui/handle/11250/262465 |url-status=live }}{{cite book|last=Lee|first=Changhoon|title=Secure and trust computing, data management and applications : STA 2011 workshops: IWCS 2011 and STAVE 2011, Loutraki, Greece, June 28 – 30, 2011|year=2011|url=https://archive.org/details/securetrustcompu00leec|url-access=limited|publisher=Springer|location=Berlin|isbn=978-3642223648|pages=[https://archive.org/details/securetrustcompu00leec/page/n208 192]–193}} The default parameters are K=3, N=10, so each file is shared across 10 different servers, accessing it requires the correct function of any 3 of those servers.{{cite journal |last1=Wilcox-O'Hearn |first1=Zooko |last2=Warner |first2=Brian |title=Tahoe: the least-authority filesystem |journal=Proceedings of the 4th ACM International Workshop on Storage Security and Survivability |date=31 October 2008 |pages=21–26 |doi=10.1145/1456469.1456474 |url=https://eprint.iacr.org/2012/524.pdf |publisher=Association for Computing Machinery |s2cid=12056440 |access-date=5 March 2021 |archive-date=26 January 2021 |archive-url=https://web.archive.org/web/20210126040316/https://eprint.iacr.org/2012/524.pdf |url-status=live }}
Tahoe provides very little control over on which nodes data is stored.{{cite web|title=Survey of Technologies for Wide Area Distributed Storage|url=http://docplayer.net/storage/25/5370619/1614762886/NUVb1Wo6L4B7UCML_9bWLQ/5370619.pdf|access-date=3 March 2021|author=Arjan Peddemors, Christiaan Kuun, Rogier Spoor, Paul Dekkers and Christiaan den Besten|page=17|date=29 June 2011|archive-date=3 March 2021|archive-url=https://web.archive.org/web/20210303081503/http://docplayer.net/storage/25/5370619/1614762886/NUVb1Wo6L4B7UCML_9bWLQ/5370619.pdf|url-status=live}}
Fork
A patched version of Tahoe-LAFS exists from 2011, and was made to run on anonymous networks such as I2P, with support for multiple introducers. There is also a version for Microsoft Windows.{{Cite web|url=https://tahoe-lafs.org/trac/tahoe-lafs/wiki/OSPackages|title=OSPackages – Tahoe-LAFS|website=tahoe-lafs.org|access-date=2014-01-27|archive-date=2013-11-12|archive-url=https://web.archive.org/web/20131112174731/https://tahoe-lafs.org/trac/tahoe-lafs/wiki/OSPackages|url-status=live}} It is distributed from a site within the I2P network.{{citation needed|date=March 2021}} In contrast to normal Tahoe-LAFS operation, when I2P and Tahoe-LAFS are used together the location of the nodes are disguised. This allows for anonymous distributed grids to be formed.
See also
{{Portal|Free and open-source software}}
References
{{Reflist}}
External links
- {{Official website|https://tahoe-lafs.org/trac/tahoe-lafs}}
{{Object-capability security}}
{{File systems}}
{{Authority control}}
{{Use dmy dates|date=February 2025}}
Category:Distributed file systems
Category:Userspace file systems
Category:Free network-related software
Category:Free file sharing software
Category:Free software programmed in Python
Category:File sharing software
Category:File sharing software for Linux
Category:Virtualization software for Linux
Category:Cross-platform software
Category:Cross-platform free software