Date:      Thu, 2 Dec 2004 20:19:54 +0100
From:      Pawel Jakub Dawidek <pjd@FreeBSD.org>
To:        John-Mark Gurney <gurney_j@resnet.uoregon.edu>
Cc:        freebsd-geom@freebsd.org
Subject:   Re: More geom classes?
Message-ID:  <20041202191954.GE813@darkness.comp.waw.pl>
In-Reply-To: <20041202183559.GH19624@funkthat.com>
References:  <41AF3FCE.1030405@fer.hr> <20041202183559.GH19624@funkthat.com>



On Thu, Dec 02, 2004 at 10:35:59AM -0800, John-Mark Gurney wrote:
+> Ivan Voras wrote this message on Thu, Dec 02, 2004 at 17:16 +0100:
+> > I think I misunderstood something. Do you propose this (for 2 disks):
+> >=20
+> > for each block to be written:
+> > a) generate a block of random data
+> > b) write random data to first disk
+> > c) write random data xor user data to second disk
+> >=20
+> > So, as long as any person has both disks, the data can be recovered.=
=20
+> > Where's the security in that?
+>
+> No, the point is to take say, a CDROM which you have preloaded with pure
+> random data, i.e. burncd /dev/random, then you create a proper sized
+> partition, then using gxor you meld the two...
+>
+> Then for any read/write requests, you take the data, read from the OTP,
+> xor the data, and pass it on...  Then when you go away, you take the
+> cdrom, w/o it, there is no data...
+>
+> I like the idea, and it would be a perfect project from someone who is
+> learning geom...

I was thinking about a similar thing, as we use similar mechanisms at work
to share a secret between a few smart cards.

I'm also not sure if a CD-ROM with static random data will be safe enough.
I want to generate random data before every write, xor data with generated
random data and write both. It should also be faster, as I don't need to
read random data first. It could be less safe from a data integrity point
of view in case of a power failure, when a write request reaches only one
component.

We can also implement both:)

I think I can do it quite fast.

-- 
Pawel Jakub Dawidek                       http://www.wheel.pl
pjd@FreeBSD.org                           http://www.FreeBSD.org
FreeBSD committer                         Am I Evil? Yes, I Am!

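The per-write scheme described in the reply above, modeled in userland C as an added example (not code from the thread or from FreeBSD): a fresh pad goes to one component and data XOR pad to the other, and a torn write shows the integrity risk the reply mentions. `struct xor_pair`, `BLK` and the function names are hypothetical, and `/dev/urandom` stands in for the kernel's random source.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BLK 16 /* constructed toy block size, not a real sector size */
/* Hypothetical model: one block on each of the two components. */
struct xor_pair { uint8_t pad[BLK]; uint8_t mix[BLK]; };

/* Fill buf with n random bytes from the OS; returns 0 on success. */
static int fresh_pad(uint8_t *buf, size_t n) {
    FILE *f = fopen("/dev/urandom", "rb");
    size_t got = f ? fread(buf, 1, n, f) : 0;
    if (f) fclose(f);
    return got == n ? 0 : -1;
}
/* New pad on every write; torn != 0 models power loss after only component 0 was updated. */
static int xor_write(struct xor_pair *p, const uint8_t *data, int torn) {
    uint8_t pad[BLK];
    if (fresh_pad(pad, BLK) != 0) return -1;
    memcpy(p->pad, pad, BLK);                 /* component 0: the pad itself */
    if (torn) return 1;                       /* component 1 never gets its half */
    for (size_t i = 0; i < BLK; i++) p->mix[i] = data[i] ^ pad[i];
    return 0;
}
/* Read: XOR the two components; one component alone is just random bytes. */
static void xor_read(const struct xor_pair *p, uint8_t *out) {
    for (size_t i = 0; i < BLK; i++) out[i] = p->pad[i] ^ p->mix[i];
}
/* Returns 1 if a complete write reads back unchanged. */
static int roundtrip_ok(void) {
    struct xor_pair p; uint8_t out[BLK];
    const uint8_t data[BLK] = "user data blk 1"; /* constructed sample block */
    if (xor_write(&p, data, 0) != 0) return 0;
    xor_read(&p, out);
    return memcmp(out, data, BLK) == 0;
}
/* Returns 1 if a torn overwrite leaves neither the old nor the new block readable. */
static int torn_write_loses_block(void) {
    struct xor_pair p; uint8_t out[BLK];
    const uint8_t old[BLK] = "old block data.", new_[BLK] = "new block data.";
    if (xor_write(&p, old, 0) != 0 || xor_write(&p, new_, 1) != 1) return 0;
    xor_read(&p, out);                        /* new pad XOR (old data XOR old pad) */
    return memcmp(out, old, BLK) != 0 && memcmp(out, new_, BLK) != 0;
}

int main(void) {
    printf("roundtrip=%d torn_loses_block=%d\n", roundtrip_ok(), torn_write_loses_block());
    return 0;
}
```

After the torn write the stored block decodes to the new pad XOR the old pad XOR the old data, so the previous contents are lost as well as the new ones.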


