Security enhancement for UBIFS with secure erase feature

Artem Bityutskiy dedekind1 at gmail.com
Sun Oct 30 08:51:36 EDT 2011


Hi Joel,

On Thu, 2011-10-27 at 09:33 +0000, Joel Reardon wrote:
> So coincidentally I've been working on a secure deletion patch for UBIFS. (I'm a
> grad student researching secure deletion here in Zurich.) I'm mostly finished
> implementing it and the results are really good. It works by encrypting each
> data node individually with a different key, storing the keys in a (logically)
> fixed area, and then periodically atomically updating the key blocks to purge
> the old
> unwanted keys.

Sounds like a clever solution! It is curious to see how you made sure
that all this is power-cut safe.

> I have a couple questions to ask the main developer, mostly about orphans for
> which I found the documentation not quite clear. I'm quite keen to get
> this integrated into UBIFS, however this will be the first time I've
> contributed to the kernel so in this regard I'm unsure of the best practices
> and so forth.

Well, ask questions, send patches. This sounds very interesting.
However, I do not know if anyone will use this, hopefully yes!

Artem.




More information about the linux-mtd mailing list