Security enhancement for UBIFS with secure erase feature

[Stelling Carsten]

> However, I do not know if anyone will use this, hopefully yes!
Opened the thread in September, I know someone who 'll use it.
Joel, I haven't started development jet, and it's fine to hear that re-inventing the wheel is not necessary.

Carsten

-----Ursprüngliche Nachricht-----
Von: linux-mtd-bounces at lists.infradead.org [mailto:linux-mtd-bounces at lists.infradead.org] Im Auftrag von Artem Bityutskiy
Gesendet: Sonntag, 30. Oktober 2011 13:52
An: Joel Reardon
Cc: linux-mtd at lists.infradead.org
Betreff: Re: Security enhancement for UBIFS with secure erase feature

Hi Joel,

On Thu, 2011-10-27 at 09:33 +0000, Joel Reardon wrote:
> So coincidentally I've been working on a secure deletion patch for 
> UBIFS. (I'm a grad student researching secure deletion here in 
> Zurich.) I'm mostly finished implementing it and the results are 
> really good. It works by encrypting each data node individually with a 
> different key, storing the keys in a (logically) fixed area, and then 
> periodically atomically updating the key blocks to purge the old 
> unwanted keys.

Sounds like a clever solution! It is curious to see how you made sure that all this is power-cut safe.

> I have a couple questions to ask the main developer, mostly about 
> orphans for which I found the documentation not quite clear. I'm quite 
> keen to get this integrated into UBIFS, however this will be the first 
> time I've contributed to the kernel so in this regard I'm unsure of 
> the best practices and so forth.

Well, ask questions, send patches. This sounds very interesting.
However, I do not know if anyone will use this, hopefully yes!

Artem.


______________________________________________________
Linux MTD discussion mailing list
http://lists.infradead.org/mailman/listinfo/linux-mtd/