Subject: Re: FUD about CGD and GBDE
To: None <freebsd-hackers@FreeBSD.ORG, tech-security@NetBSD.ORG>
From: None <email@example.com>
Date: 03/07/2005 09:43:13
> I also believe that it would be beneficial to implement regular rewriting
> of randomly picked lock sector(s) at random times during a user specified
> interval (up to x rewrites within n seconds) in order to further obscure
> the write pattern and provide additional protection for lock sectors.
I agree. I would also add random reads (or specially designed, combined
random reads and writes) to make traffic analysis and differential attacks
a real PITA for the hacker (although this idea may not be very effective
against a highly motivated and determined attacker, such as some government,
Every data storage device has to be "hot", initially at least. Moreover,
it is much better to keep the disk attached until the last minute before
the attacker will get access to it, because this offers the user protection:
deleting keys from a "cold" disk is not possible. Therefore, it is important
for GBDE to protect "hot" disks as much as possible (including protection
methods against "cleaning lady" copy & differential attacks, for SAN
environments & other traffic analysis attacks, etc).
BTW, PHK, why did you choose the scheme of encrypting offsets of lock
sectors with part of key material and storing them somewhere, instead
of just using part of the key material itself to determine the offsets?