encrypted tapes (was Re: Papers about "Algorithm hiding" ?)

james hughes hughejp at mac.com
Wed Jun 8 00:02:21 EDT 2005 

There are large institution with 1000s of tape drives and 1,000,000  
or more cartridges. Even simple solutions are huge to implement. This  
is a non-trivial matter. The technical solutions are possible, there  
are vendors out there that are already doing this. Getting from here  
it there, even if the solutions were available for free is still a  
very expensive challenge.

One proof point is that the standards are not in place for this yet.

Bottom line, this issue is here to stay and will take years to solve.  
It is not a cryptographic problem, it's harder than that.

jim



On Jun 7, 2005, at 6:19 PM, Mark Allen Earnest wrote:

> Steven M. Bellovin wrote:
>  > The bigger issue, though, is more subtle: keeping track of the  
> keys is
>
>> non-trivial.  These need to be backed up, too, and kept separate  
>> from (but synchronized with) the tapes.  Worse yet, they need to  
>> be kept secure.  That may mean storing the keys with a different  
>> escrow company.  A loss of either piece,the tape or the key,  
>> renders the backup useless.
>>
>
> Basically, expensive or not, security is very hard to get right.  
> When you look at Choicepoint, Bank of America, and Citigroup (not  
> to mention universities and smaller businesses) they have little to  
> no incentive to keep your personal data secure. YOU bear the cost  
> of data compromise, not them. The worst they get is some bad  
> publicity and only if it affects CA residents, otherwise it can be  
> kept quiet. The threat of bad publicity does not mean much when  
> next week your compromise due to bad security will be forgotten as  
> the media switches to the next one.
>
> As it stands today, the cost/benefit analysis easily directs them  
> away from taking strong measures to protect customer's financial  
> data. Doing so is time consuming, opens up potential for problems,  
> and gets them next to nothing in return.
>
> -- 
>
> Mark Allen Earnest
>
> Lead Systems Programmer
> Emerging Technologies
> The Pennsylvania State University
>
> Lt Commander
> Centre County Sheriff's Office Search and Rescue
>
> KB3LYB
>


---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list