Ductile disk encryption

Category:	Software
Responses:	2 (1 in support, 0 neutral, 1 in opposition)
Number of views:	714
Tracking:	Track this idea

Community Rating:

Average

Your Rating:

There are two primary problems with disk encryption. The first is efficiency. Each data block stored on the disk needs to be encrypted independantly of the others to avoid the cost of decoding many blocks just to read one. The second is an attack by analysing the patterns of stored data. For instance, blocks consisting of the plaintext of just zeros will occur at various places. By analysing the patterns of encrypted data at attacker can guess the contents of some blocks, leading to a known plaintext attack, as well as deducing some of the use of the disk.

In addition, the history of cryptography is one of increasingly good cryptanalytic attacks on algorithms, allowing (for instance) known plaintext attacks which are sufficiently more efficient than brute force that such attacks become practical. It's just a matter of time. I'll assume that known plaintext attacks are feasible but brute force is not.

To protect against this, the encryption key for the partition must be varied using the block number to give a different encryption key for each block; and the relationship between the block key and the partition key must resist an attacker who deduces or guesses the key to a block, so that the partition key is secure.

The idea is to safely generate a block key (B) from the partition key (P) and the block number (N). The attacker, of course, knows N.

Given K<D> is the encryption of data D with key K:

B = (P<N>) < (N<P>) >

If the attacker knows B for some N, then N<K>=B is trivial to solve, and K<N>=B in a feasible known plaintext attack. However, if P is unknown, then N<P> is unknown, so K< N<P> > is not a known plaintext attack. P< N<P> > may be good enough, but just in case it may be reducible to K<N>, I prefer the form above. However, this is just my paranoia; YPMV.

This requires an extra 3 encrypt/decrypt operations per block. If the disk block is 1KB and the cypher block size is 256bits (32bytes) then the normal encrypt/decrypt overhead is 32 encryption operations, so the extra overhead in just undor 10%. That seems reasonable for a fairly ductile solution.

nihil, Jul 22 2005

What do you think of this idea or comment?
(You can change your vote at any time)

I agree

No opinion

I disagree

Users who liked this idea also liked:

	Better Brake Light (446 votes)
	Aerial pictures in flight (218 votes)
	GPS and Digital Photos (173 votes)
	Ending the war on drugs (247 votes)
	LED street lights (12 votes)
	Ubiquitous virtual honeypots (7 votes)
	Bubble Wrap – Pop and Smell (9 votes)
	Compiler Security Optimization (4 votes)
	accelerometer as joystick/mous (3 votes)
	Hot Chocolate Icecream (2 votes)

Other ideas in category (Software):

	Salty encryption (1 votes)
	mute a web page (11 votes)
	Distributed set with bittorren (1 votes)
	Text VoIP (1 votes)
	Economics Simulation (9 votes)
	Invention Management Software (3 votes)
	Attachment Notation (137 votes)
	Fight Recognition Software (3 votes)
	Make Photo Slideshow yourself (2 votes)
	Studying leaf patterns (3 votes)
	Encryption (3 votes)
	Searching for images (6 votes)
	Compiler Security Optimization (4 votes)
	Vector Datatype (3 votes)
	LIP-C (1 votes)
	Spell checker collector (2 votes)
	Cascading search (3 votes)
	Software Formula for 2000 Years (3 votes)
	Triangular Pixels (4 votes)
	Forwarding sent email message (5 votes)
	Organise the Start menu (6 votes)
	Simple Shared Key Setup (1 votes)
	DDR-style piano software (4 votes)
	root means suid (2 votes)
	Scorchware (2 votes)
	Six Degrees of Computation (2 votes)
	X-drive ==> 2 physical drives (3 votes)
	Fast parallel secure hashing (1 votes)
	Standardized EULA (2 votes)
	Description field for email (3 votes)
	Honeypot feedback/automation (1 votes)
	Audio bass and treble (3 votes)
	Extension that highlights tags (1 votes)
	Upper-lower case (2 votes)
	New image file format (2 votes)
	dual scroll bars (6 votes)
	Tabbed Working (3 votes)
	Temporary file highlight (5 votes)
	Better Search Engine Links (2 votes)
	Smarter Programming (5 votes)
	Linux Distro for Business (2 votes)
	File multiple rev eliminator (3 votes)
	Mech. Design Software (2 votes)
	Checking email addresses (3 votes)
	Why Powerpoint? Be nonlinear (6 votes)
	Chat with iTunes Listeners (3 votes)
	Ebay database (2 votes)
	Encrypts the whole OS (2 votes)
	Wind offset for car (3 votes)
	Collaborative License Rating (4 votes)
	Multiscopic image modeler (2 votes)
	Simple fix for posting here (1 votes)
	Torrent-based podcasting (2 votes)
	Browser Preloads Next Page (4 votes)
	Officepets (3 votes)
	Self Authentication & Decryptn (1 votes)
	Ductile disk encryption (2 votes)
	Printing Cost per Page (2 votes)
	Community Font Classification (1 votes)
	Ubiquitous virtual honeypots (7 votes)
	MS Outlook spouses (1 votes)
	MS Outlook Contacts updates (1 votes)
	One card for the wallet (12 votes)
	Camera as A4 Scanner (6 votes)
	Ogg/PCM (3 votes)
	Keyboard equivalents (1 votes)
	OS for visually impaired (4 votes)
	Window Size Limiter (1 votes)
	Print Police (1 votes)
	MS Outlook Highlighter (1 votes)
	Eye-Tracking Video Drivers (2 votes)
	Linipedea (3 votes)
	MS Word Bookmarks & Summaries (3 votes)
	anti-virus T-cells (2 votes)
	savable scroll bars (2 votes)
	save changes dialog options (3 votes)
	Viral Marketing in Open Source (7 votes)
	Microsoft CD Bug Fixes (4 votes)
	Virtual Scanner Software (5 votes)
	Better Shrink Wrapped License (3 votes)
	Bayesian learning for (4 votes)
	enclosures (2 votes)
	Chat Prog & Problem Solving (2 votes)

Navigation

My WhyNot?

Icon Key