[Cryptography] Wrong uses of filesystem encryption
Kent Borg
kentborg at borg.org
Fri Jan 30 14:49:50 EST 2015
On 01/30/2015 10:33 AM, U.Mutlu wrote:
> What 'best practices' for filesystem encryption are there?
Again, that horrible term! Says who? Measured how? Accomplishing what?
What is the boundary of the system you are defending? Is this a single
laptop, used by one person? Or is this a server? Does one person need
access or a group? What happens when that person is run over by an
unexpected truck or a member of the group quits in a huff?
What about backups? How do you do your backups? Are they encrypted? What
does your recovery plan look like on that day you need your backups? Do
you need file-by-file encryption? Or do you need whole filesystem
encryption? (Do you need to hide the names and sizes of the files or
just the contents?) Maybe you do both.
Why are you doing this, what are you afraid of? Something simple, like
disposing of old disks by destroying the encryption key instead of
having to destroy the platters? Or is this expected to keep the prying
eyes of the Chinese off your data the next time you visit China? What if someone
tries to compel disclosure of the key? The foreign cop? The thug who
carjacks you? The US border guard standing between you and home? The TSA
agent? A US federal court order?
In the simple laptop example, I hear the first thing the smart cops do
when they break down your door is plug a mouse-wiggler into your
computer, to keep the screen saver from locking them out.
Say many ways to screw up,
-kb