Dear Poul-Henning,
> >> On a modern disk there is no sequence of writes that will guarantee
> >> you that your data is iretriveable lost.
> >> Even if you rewrite a thousand times, you cannot guard yourself against
> >> the sector being replaced by a bad block spare after the first write.
> >
> >Good point. In the rare chance event that this happens, it would indeed be
> >bad
> >news as an attacker would then only have to scan the bad blocks for possible
> >copies of the key.
>
> He still has no way of recognizing the key though...
Right, he'd have to try them all.
> >A simple improvement on the present situation would already be if
> >the keys were not overwritten with zeros but with random bits. I
> >don't know how difficult it would be to attempt to physically write
> >random bits multiple times but it would much strengthen the feature
> >apart from the rare cases when the sectors of the masterkey have
> >been remapped into bad blocks.
>
> Please read the paper, there is a reason why it is zero bits.
Sorry, forgot.
> >What do you think? Is the required effort disproportional to the
> >intended value of the blackening feature?
>
> Blackening adds no significant incremental security imo,
>From a security point of vie, yes. From a social/civil-liberties/legal point
of view, I felt it was an excellent thing to have.
> on the
> other hand it is feasible to implement it, so I've put it on the
> todo list.
That's great, thanks a lot!
With best regards,
David.
------------------------------------------------------------------------
Dr David Philip Kreil ("`-''-/").___..--''"`-._
Research Fellow `6_ 6 ) `-. ( ).`-.__.`)
University of Cambridge (_Y_.)' ._ ) `._ `. ``-..-'
++44 1223 764107, fax 333992 _..`--'_..-_/ /--'_.' ,'
www.inference.phy.cam.ac.uk/dpk20 (il),-'' (li),' ((!.-'
_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"
