dan@geek.com.au wrote:

> On Mon, Mar 07, 2005 at 09:43:13AM -0700, soralx@cydem.org wrote:
> >
> > > I also believe that it would be beneficial to implement regular rewriting
> > > of randomly picked lock sector(s) at random times during a user specified
> > > interval (up to x rewrites within n seconds) in order to further obscure
> > > the write pattern and provide additional protection for lock sectors.
> >
> > I agree.
>
> I don't. Hiding the lock sector is pointless for hot disk attacks. A
> malicious SAN administrator (and other intermediaries, if transport
> encryption is not used) can identify the lock sector trivially,
> because gbde decrypts its location and tells you: it goes straight
> there on startup.

The idea I proposed is not meant to address the protection of hot disks,
it is mainly meant to address the protection of lock sectors on cold disks
that can be accessed at regular intervals for differential analysis. The
improved hot disk protection in terms of obscuring write patterns as a
result of this mechanism is just a beneficial side-effect and not the main
goal.

ALeine
___________________________________________________________________
WebMail FREE http://mail.austrosearch.net