[Cryptography] Shredding a file on a flash-based file system?

Natanael natanael.l at gmail.com
Thu Jun 19 16:14:16 EDT 2014 

Den 19 jun 2014 21:37 skrev "Jerry Leichter" <leichter at lrw.com>:
>
> On Jun 19, 2014, at 9:43 AM, John Denker <jsd at av8n.com> wrote:
> >> Does anyone know if this assumption is reasonable?
> >
> > Almost any crypto-related assumption about flash-based file
> > systems is not reasonable.  Ditto for many other modern
> > hardware systems.  They do too much behind your back,
> > including moving data from place to place.

[...]

> As always, the killer is the stand-alone system that has to reboot
without someone there to type in the disk decryption password.  TPM's are a
great solution to this problem - or would be if they hadn't gotten twisted
to support DRM.
>
> (I know of a company that has a bunch of standalone servers that need
access to encryption keys and are scattered throughout the company campus.
 They decided that these things are almost never shut down, so it's not
worth deploying a secure way to store the keying information.  Instead, a
rebooting machine has enough smarts to ping the support center for help; a
person comes out and supplies the keying information.  Makes for a big
fire-drill after a large power-failure - which has happened - but that's
considered a worthwhile tradeoff.)
>                                                         -- Jerry

Maybe Mandos would be helpful to them. If you trust the servers to run
correctly when they are unattended, you probably won't need more than to be
notified when they reboot as they usually aren't particularly more
sensitive when booting. If you're worried about evil maid attacks, then the
attacker could do similar things when it is already running anyway.

Quoting the wiki: "Mandos is a system for allowing servers with encrypted
root file systems to reboot unattended and/or remotely".

https://wiki.recompile.se/wiki/Mandos
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140619/ac869e56/attachment.html>

More information about the cryptography mailing list