Date: Sun, 6 Mar 2005 19:11:19 -0800 (PST) From: "ALeine" <aleine@austrosearch.net> To: dan@geek.com.au Cc: tech-security@NetBSD.ORG Subject: Re: FUD about CGD and GBDE Message-ID: <200503070311.j273BJ2d085385@marlena.vvi.at>
next in thread | raw e-mail | index | archive | help
dan@geek.com.au wrote: > On Mon, Mar 07, 2005 at 09:43:13AM -0700, soralx@cydem.org wrote: > > > > > I also believe that it would be beneficial to implement regular rewriting > > > of randomly picked lock sector(s) at random times during a user specified > > > interval (up to x rewrites within n seconds) in order to further obscure > > > the write pattern and provide additional protection for lock sectors. > > > > I agree. > > I don't. Hiding the lock sector is pointless for hot disk attacks. A > malicious SAN administrator (and other intermediaries, if transport > encryption is not used) can identify the lock sector trivially, > because gbde decrypts its location and tells you: it goes straight > there on startup. The idea I proposed is not meant to address the protection of hot disks, it is mainly meant to address the protection of lock sectors on cold disks that can be accessed at regular intervals for differential analysis. The improved hot disk protection in terms of obscuring write patterns as a result of this mechanism is just a beneficial side-effect and not the main goal. ALeine ___________________________________________________________________ WebMail FREE http://mail.austrosearch.net
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200503070311.j273BJ2d085385>