From owner-freebsd-fs@FreeBSD.ORG Sun Sep 5 14:26:48 2004 Return-Path: Delivered-To: freebsd-fs@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B322016A4CE; Sun, 5 Sep 2004 14:26:48 +0000 (GMT) Received: from maui.ebi.ac.uk (maui.ebi.ac.uk [193.62.196.100]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3192E43D4C; Sun, 5 Sep 2004 14:26:47 +0000 (GMT) (envelope-from kreil@ebi.ac.uk) Received: from puffin.ebi.ac.uk (puffin.ebi.ac.uk [193.62.196.89]) by maui.ebi.ac.uk (8.11.7+Sun/8.11.7) with ESMTP id i85EQgF14065; Sun, 5 Sep 2004 15:26:42 +0100 (BST) Received: from puffin.ebi.ac.uk (kreil@localhost) by puffin.ebi.ac.uk (8.11.6/8.11.6) with ESMTP id i85EQgB18118; Sun, 5 Sep 2004 15:26:42 +0100 Message-Id: <200409051426.i85EQgB18118@puffin.ebi.ac.uk> X-Mailer: exmh version 2.4 06/23/2000 with nmh-1.0.4 To: "Poul-Henning Kamp" In-Reply-To: Your message of "Sun, 05 Sep 2004 14:13:52 +0200." <25405.1094386432@critter.freebsd.dk> X-Habeas-SWE-1: winter into spring X-Habeas-SWE-2: brightly anticipated X-Habeas-SWE-3: like Habeas SWE (tm) X-Habeas-SWE-4: Copyright 2002 Habeas (tm) X-Habeas-SWE-5: Sender Warranted Email (SWE) (tm). The sender of this X-Habeas-SWE-6: email in exchange for a license for this Habeas X-Habeas-SWE-7: warrant mark warrants that this is a Habeas Compliant X-Habeas-SWE-8: Message (HCM) and not spam. Please report use of this X-Habeas-SWE-9: mark in spam to . Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Sun, 05 Sep 2004 15:26:42 +0100 From: David Kreil X-EBI-Information: This email is scanned using www.mailscanner.info. X-EBI: Found to be clean X-EBI-SpamCheck: not spam, SpamAssassin (score=-8, required 5, HABEAS_SWE -8.00) cc: freebsd-fs@freebsd.org cc: David Kreil cc: freebsd-questions@freebsd.org Subject: Re: gbde blackening feature - how can on disk keys be "destroyed" thoroughly? X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 05 Sep 2004 14:26:48 -0000 Dear Poul-Henning, > >> On a modern disk there is no sequence of writes that will guarantee > >> you that your data is iretriveable lost. > >> Even if you rewrite a thousand times, you cannot guard yourself against > >> the sector being replaced by a bad block spare after the first write. > > > >Good point. In the rare chance event that this happens, it would indeed be > >bad > >news as an attacker would then only have to scan the bad blocks for possible > >copies of the key. > > He still has no way of recognizing the key though... Right, he'd have to try them all. > >A simple improvement on the present situation would already be if > >the keys were not overwritten with zeros but with random bits. I > >don't know how difficult it would be to attempt to physically write > >random bits multiple times but it would much strengthen the feature > >apart from the rare cases when the sectors of the masterkey have > >been remapped into bad blocks. > > Please read the paper, there is a reason why it is zero bits. Sorry, forgot. > >What do you think? Is the required effort disproportional to the > >intended value of the blackening feature? > > Blackening adds no significant incremental security imo, >From a security point of vie, yes. From a social/civil-liberties/legal point of view, I felt it was an excellent thing to have. > on the > other hand it is feasible to implement it, so I've put it on the > todo list. That's great, thanks a lot! With best regards, David. ------------------------------------------------------------------------ Dr David Philip Kreil ("`-''-/").___..--''"`-._ Research Fellow `6_ 6 ) `-. ( ).`-.__.`) University of Cambridge (_Y_.)' ._ ) `._ `. ``-..-' ++44 1223 764107, fax 333992 _..`--'_..-_/ /--'_.' ,' www.inference.phy.cam.ac.uk/dpk20 (il),-'' (li),' ((!.-'