[Cryptography] WIPEONFORK in Linux 4.14

Henry Baker hbaker1 at pipeline.com
Sat Nov 25 11:01:40 EST 2017

At 01:16 PM 11/24/2017, Nico Williams wrote:
>On Fri, Nov 24, 2017 at 07:54:07AM -0800, Henry Baker wrote:
>> Now if we could just get a "clean" file system that is guaranteed to
>> erase all traces of a file when it is deleted -- not only the file
>> contents, but also any metadata and old filenames stored in the
>> directories.
>You can't get this without support from the device.  There's no way to
>guarantee that an overwrite is an overwrite, or that there's no trace
>left of the original.
>It's better instead to have per-file encryption keys, then you can
>forget those.  Of course, those keys have to be stored encrypted in some
>other, master key, and since this all would go on disk... this doesn't
>help all that much either as it's turtles all the way down (up), and so
>eventually for secure deletion via decryption-key-forgetting you have to
>actually change a master key and humanly forget the passphrase it was
>derived from.
>> Yes, I know there are "secure delete" commands, but they're useless
>> unless they can somehow be made the *default* behavior for all file
>> operations.

Many (most ?) file ops now occur in *virtual machines*, which include
*virtual disks* which can be *dynamically allocated*.  In particular,
blocks which are *all zeros* aren't stored at all, so these virtual
disk images are "sparse arrays" of non-zero blocks.

It's actually worth zeroing out these blocks (cleverly, of course),
so that they take up no space and no transfer bandwidth.

So what I'm suggesting is *in addition to* using encryption,
automatically zero out deleted files.
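
Added example (not from Henry's message or anyone on the list): a small
Python script that uses an ordinary file as a stand-in for a sparse
virtual disk image and contrasts the two ways of "zeroing" a block that
the paragraph above alludes to.  Overwriting a block with zeros removes
the old bytes from the file, but on a conventional filesystem the block
stays allocated, so nothing is saved unless the layer below (a
hypervisor with zero-block detection) notices; punching a hole with
fallocate(2) releases the block outright and it reads back as zeros.
The 4 KiB block size, the Linux and 64-bit off_t assumptions, and the
FALLOC_FL_* constants copied from <linux/falloc.h> are mine.

```python
"""Sparse-image demonstration.  Added example, not code from the original
message.  Assumes Linux, a 64-bit off_t, a filesystem that reports
st_blocks honestly, and a 4 KiB block standing in for the image's
allocation unit."""
import ctypes
import ctypes.util
import errno
import os
import tempfile

BLOCK = 4096                  # assumed allocation unit of the virtual disk image
FALLOC_FL_KEEP_SIZE = 0x01    # values from <linux/falloc.h>
FALLOC_FL_PUNCH_HOLE = 0x02

_libc = ctypes.CDLL(ctypes.util.find_library("c"), use_errno=True)
_libc.fallocate.argtypes = [ctypes.c_int, ctypes.c_int, ctypes.c_int64, ctypes.c_int64]
_libc.fallocate.restype = ctypes.c_int


def allocated_bytes(fd):
    """Storage the filesystem actually holds for fd (st_blocks is in 512-byte units)."""
    return os.fstat(fd).st_blocks * 512


def zero_overwrite(fd, offset, length):
    """Erase a region the naive way: write zeros over it.  The old bytes are
    gone from the file, but the blocks stay allocated; only something that
    recognises all-zero blocks (a zero-detecting hypervisor, or the hole
    punch below) stops storing them."""
    os.pwrite(fd, b"\0" * length, offset)


def punch_hole(fd, offset, length):
    """Erase a region and release its blocks with fallocate(2); the region
    reads back as zeros afterwards.  Returns False when the filesystem
    does not support hole punching."""
    mode = FALLOC_FL_PUNCH_HOLE | FALLOC_FL_KEEP_SIZE
    if _libc.fallocate(fd, mode, offset, length) == 0:
        return True
    err = ctypes.get_errno()
    if err in (errno.EOPNOTSUPP, errno.ENOSYS, errno.EINVAL, errno.EPERM):
        return False
    raise OSError(err, os.strerror(err))


def holes(fd, size):
    """List (start, end) of unallocated regions using SEEK_HOLE/SEEK_DATA."""
    found, pos = [], 0
    while pos < size:
        start = os.lseek(fd, pos, os.SEEK_HOLE)
        if start >= size:          # only the implicit hole at EOF remains
            break
        try:
            end = os.lseek(fd, start, os.SEEK_DATA)
        except OSError:            # ENXIO: no data after this hole
            end = size
        found.append((start, min(end, size)))
        pos = end
    return found


def demo(path=None, nblocks=8):
    """Write nblocks distinct non-zero blocks, erase block 1 by overwrite and
    block 2 by hole punch, and report what the filesystem still stores."""
    own_tmp = path is None
    if own_tmp:
        fd, path = tempfile.mkstemp(prefix="sparse-demo-")
    else:
        fd = os.open(path, os.O_RDWR | os.O_CREAT | os.O_TRUNC, 0o600)
    try:
        for i in range(nblocks):                                  # constructed data
            os.pwrite(fd, bytes([0x41 + i]) * BLOCK, i * BLOCK)   # 'A'*4096, 'B'*4096, ...
        os.fsync(fd)
        before = allocated_bytes(fd)

        zero_overwrite(fd, 1 * BLOCK, BLOCK)
        os.fsync(fd)
        after_zero = allocated_bytes(fd)

        punched = punch_hole(fd, 2 * BLOCK, BLOCK)
        os.fsync(fd)
        after_punch = allocated_bytes(fd)

        return {
            "size": nblocks * BLOCK,
            "before": before,
            "after_zero": after_zero,
            "after_punch": after_punch,
            "punched": punched,
            "block1": os.pread(fd, BLOCK, 1 * BLOCK),   # zeros, still allocated
            "block2": os.pread(fd, BLOCK, 2 * BLOCK),   # zeros, released if punched
            "holes": holes(fd, nblocks * BLOCK),
        }
    finally:
        os.close(fd)
        if own_tmp:
            os.unlink(path)


if __name__ == "__main__":
    r = demo()
    print("file size         :", r["size"])
    print("allocated at start:", r["before"])
    print("after zero write  :", r["after_zero"], "(zeros still stored)")
    print("after hole punch  :", r["after_punch"],
          "(supported)" if r["punched"] else "(unsupported here)")
    print("holes             :", r["holes"])
```

Run it on ext4, XFS or tmpfs and the allocated byte count is unchanged by
the zero write but drops by one block after the hole punch, while both
blocks read back as zeros.  That is the "cleverly" part: inside a guest,
an in-place zero write is what lets a zero-detecting hypervisor drop the
block from the image, whereas a hole punch (or a discard) frees the
guest's blocks without writing anything to the underlying sectors.
Neither is a device-level guarantee that the old bytes are gone, which is
the point made in the quoted reply above.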
