Date: Sun, 05 Sep 2004 14:13:52 +0200 From: "Poul-Henning Kamp" <phk@phk.freebsd.dk> To: David Kreil <kreil@ebi.ac.uk> Cc: freebsd-questions@freebsd.org Subject: Re: gbde blackening feature - how can on disk keys be "destroyed" thoroughly? Message-ID: <25405.1094386432@critter.freebsd.dk> In-Reply-To: Your message of "Sun, 05 Sep 2004 00:32:59 BST." <200409042332.i84NWxC17377@puffin.ebi.ac.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <200409042332.i84NWxC17377@puffin.ebi.ac.uk>, David Kreil writes: >> On a modern disk there is no sequence of writes that will guarantee >> you that your data is iretriveable lost. >> Even if you rewrite a thousand times, you cannot guard yourself against >> the sector being replaced by a bad block spare after the first write. > >Good point. In the rare chance event that this happens, it would indeed be bad >news as an attacker would then only have to scan the bad blocks for possible >copies of the key. He still has no way of recognizing the key though... >A simple improvement on the present situation would already be if >the keys were not overwritten with zeros but with random bits. I >don't know how difficult it would be to attempt to physically write >random bits multiple times but it would much strengthen the feature >apart from the rare cases when the sectors of the masterkey have >been remapped into bad blocks. Please read the paper, there is a reason why it is zero bits. >What do you think? Is the required effort disproportional to the >intended value of the blackening feature? Blackening adds no significant incremental security imo, on the other hand it is feasible to implement it, so I've put it on the todo list. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?25405.1094386432>