More geom classes?

[Pawel Jakub Dawidek]

On Thu, Dec 02, 2004 at 10:35:59AM -0800, John-Mark Gurney wrote:
+> Ivan Voras wrote this message on Thu, Dec 02, 2004 at 17:16 +0100:
+> > I think I misunderstood something. Do you propose this (for 2 disks):
+> > 
+> > for each block to be written:
+> > a) generate a block of random data
+> > b) write random data to first disk
+> > c) write random data xor user data to second disk
+> > 
+> > So, as long as any person has both disks, the data can be recovered. 
+> > Where's the security in that?
+> 
+> No, the point is to take say, a CDROM which you have preloaded with pure
+> random data, i.e. burncd /dev/random, then you create a proper sized
+> partition, then using gxor you meld the two...
+> 
+> Then for any read/write requests, you take the data, read from the OTP,
+> xor the data, and pass it on...  Then when you go away, you take the
+> cdrom, w/o it, there is no data...
+> 
+> I like the idea, and it would be a perfect project from someone who is
+> learning geom...

I was thinking about simlar thing, as we use simlar mechanisms at work
to share a secret between a few smart cards.

I'm also not sure if CD-ROM with static random data will be safe enough.
I want to generate random data before every write, xor data with generated
random data and write both. It should also be faster, as I don't need to
read random data first. It could be less safe from data integrity point
of view in case of a power failure, when write request reach only one
component.

We can also implement both:)

I think, I can do it quite fast.

-- 
Pawel Jakub Dawidek                       http://www.wheel.pl
pjd at FreeBSD.org                           http://www.FreeBSD.org
FreeBSD committer                         Am I Evil? Yes, I Am!
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-geom/attachments/20041202/25a22d5c/attachment.bin