Re: Hard Drive Destruct System?
From: Walter Roberson (roberson_at_ibd.nrc-cnrc.gc.ca)
Date: 28 Nov 2004 08:52:02 GMT
In article <firstname.lastname@example.org>, Al Dykes <email@example.com> wrote:
|In article <firstname.lastname@example.org>,
|Walter Roberson <email@example.com> wrote:
|>In practice, you can't use a single encryption over a whole drive,
|>because you have to be able to randomly read or wrote from the middle of
|>it without having to decrypt everything before that point (read) or
|>re-encrypt everything after that point (write.) And directory structures
|Offhand I can't see any problem with en/decrypting data in 512 byte
|blocks as sectors are read/written to disk.
If you are using the same key each time, that scheme would suffer
a lot from "known plaintext" attacks. For example,
All blocks of NULLs would encrypt exactly the same way, and
the first 64 bytes of most non-text files would be relatively
consistant amongst filetypes, allowing you a fairly good idea
of what kind of file something was without decrypting it.
-- Is "meme" descriptive or perscriptive? Does the knowledge that memes exist not subtly encourage the creation of more memes? -- A Child's Garden Of Memes