Security enhancement for UBIFS with secure erase feature

Artem Bityutskiy dedekind1 at gmail.com
Sun Sep 11 09:22:36 EDT 2011


On Thu, 2011-09-08 at 16:35 +0200, Stelling Carsten wrote:
> < Are there any plans for such a security enhancement in UBIFS?
> 
> Hello Atlant,
> 
> you're right. Writing zeroes is not applicable to all kinds of flash technology.
> 
> Are there any plans to support privacy in UBIFS?
> 
> In my opinion privacy should be guaranteed by the file system, so that any
> application can rely on its security features.
> 
> There're other solutions, e.g. to encrypt the content of each file with a unique
> key stored in the metadata area of that particular file. Although this solution
> needs to secure erase the key associated with the deleted file too.
> I see, that might be a real dilemma.
> 
> Are there any suggestions?

Well, it is possible to implement secure erase, but it will be very slow
- you'll need to garbage collect all eraseblocks which contain the old
file, including all the obsolete portions of that file which might still
be on the flash media.

So basically, to secure delete a file, you'd need to scan whole flash to
find all its old (obsolete) fragments.

VS plans - no, there are no plans, UBIFS does not enjoy a lot of
developer's. You are welcome with patches, though!

-- 
Best Regards,
Artem Bityutskiy




More information about the linux-mtd mailing list