gbde blackening feature - how can on disk keys be "destroyed" thoroughly?

David Kreil kreil at ebi.ac.uk
Fri Sep 3 15:44:02 PDT 2004


Hi,

>From what I can see so far, they are simply overwritten with zeros - is that 
right? If so, the blackening feature would be much weakend, as once can read 
up to 20 layers of data even under random data (and more under zeros). I would 
be most grateful for comments, or suggestions of where/how one could extend 
the code to do a secure wip of the key areas. Also, I know practically nothing 
of how I could to best get FreeBSD to physically write to disk 
(configurability of hardware cache etc permitting).

With best regards,

David.

> 
> Hello,
> 
> I was wondering whether someone knowledgable about gbde internals could tell 
> me how the keys are being destroyed on request under the "blackening feature". 
> Ideally, I'd like them to be overwritten with random data at least 20 times 
> independently, but I suspect it may well be done in a different way. I'd be 
> grateful for learning how the blackening works (and why!).
> 
> With many thanks for your help in advance,
> 
> David Kreil.
> 

------------------------------------------------------------------------
Dr David Philip Kreil                 ("`-''-/").___..--''"`-._
Research Fellow                        `6_ 6  )   `-.  (     ).`-.__.`)
University of Cambridge                (_Y_.)'  ._   )  `._ `. ``-..-'
++44 1223 764107, fax 333992         _..`--'_..-_/  /--'_.' ,'
www.inference.phy.cam.ac.uk/dpk20   (il),-''  (li),'  ((!.-'




More information about the freebsd-fs mailing list