11:37 Absolutely protected file system | |
In explanation of this post. Suppose you have a system that must be protected from the hypothetical intruders. We also assume that attackers can get physical access to media data, and, even more unpleasant, physical access (with the possible use of physical force) directly to you. Necessary to ensure that the following conditions:
I think I know how it can be implemented. First of all, I want to say that everything below and above is only theoretical arguments are not calling for anything, except to discuss the potential of creating such a file system. So, initially the disc we have presented a set of blocks of fixed size blocks are consecutive and can be numbered from 0 to N. Suppose we have a certain function F (i, K), takes a block number i and a key K. Function is such that for any 0 <= i <= N the result is in the range [0 .. N] and for different i the result will be different. In other words, the function F translates "logical" block number in the "physical", depending on the key K. Such a function can be constructed, for example, by reversing the bits in i. First, we generate the key K1, and create a filesystem on a "mixed" with the F drive. Fill it with some data, which we call "open." Data is encrypted by a particular algorithm (described below). Key K1, we can safely report attackers. Domustim, these data have taken a set of M [] blocks on the filesystem. Next step we generate the key K2 so that the blocks included in the M [], consistent with the same set of i, say, i = N-Nm ... N, where Nm - number of blocks in M ??[]. In the future we do not use the blocks. This is probably the most non-trivial step, but it can be alleviated if the algorithm for file allocation in blocks of PS is quite simple. The remaining place in the blocks i = 0 ... N-Nm-1, place the private data and access to attackers who want to exclude. The data is encrypted. About the encryption algorithm. To ensure the impossibility of modifying data on the filesystem without destroying it, you must use an asymmetric public key encryption. In this case, "public key" is used to read (decryption), and "closed" - for writing (encryption). Public key used to decrypt the "open data" can provide attackers, but the private key, they should not give (it will be difficult, yes, but it is quite possible). Attackers will be able to read data from the open part of the FS, but can not modify it. Encryption closed part of the FS should be such that the entropy of the encrypted data was as much as possible is great. Ie To encrypt a block of data was indistinguishable from a simple block, downtrodden random numbers. If this filesystem when deleting a file will be freed blocks to score "garbage", then the blocks with hidden data does not differ from a simple free blocks using the key K1. So, in case of capture and drive you to intruders, you can safely tell them K1 and the public key to read data from "open" section. The presence of the disk has some data, you can feel free to deny, to prove their existence, not knowing the K2 and the second set of encryption keys will be impossible. Also, as will be impossible to modify data in the "open" section, as "private" key to write you this most attackers, razumeentsya, flatly refuse to disclose. I do not think I was the first who came up with this idea, so if anyone of my readers will point to the already existing implementation of this - I will be very grateful. | |
|
| |
| Total comments: 0 | |