[liberationtech] secure wipe of flash memory
Michael Rogers
michael at briarproject.org
Mon Jul 16 14:53:05 PDT 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 16/07/12 18:34, James Vasile wrote:
> I've always assumed the flash problem implied two practices:
>
> 1) Don't save sensitive data in unencrypted form 2) Don't use a
> swap partition
>
> Given the limitations of devices as they currently are, is there
> anything else you would do?
The only other thing I can think of is to use an encryption scheme
that's secure if the adversary gets multiple versions of the ciphertext.
I'm not sure how LUKS, TrueCrypt, etc stack up in this regard.
SQLCipher looks secure as far as I can tell (but I'm *not* a
cryptographer) because it uses a fresh random IV each time it writes a
page:
http://sqlcipher.net/design/
Cheers,
Michael
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iQEcBAEBAgAGBQJQBI1BAAoJEBEET9GfxSfMCXgH/2Arfr/JtqPy8dNfqQ6F3574
cphKmd4M1T8pdhAUlLllgGZUuNKXtpbEAODTvFSxK3lhRsAGZvrEVMS6q2he36bK
iFc6ofsBt4t3mAiQP6m8olvz1NXaBxP5JbzdLAa6tMJ4rVQHKs/lsk4xfB0vj1aY
vNgVLilIkpvwiqvhZUX1wtVdw3ajj23Fk0T24j61SZDlaCdMc4tA9ar+bqzfGF/N
KCcOn8jxcxs31tDqE7GYYf7eUKO4EVO0ZtoiHZq1UdptBW3qHneIWn5AdbRWfpdc
TNoqOPOyowfSSTJqdJJ/4tbguBHJi+UzxKBQHrYDYCjctQfNFKVgCAoX/Y60vkg=
=h1hL
-----END PGP SIGNATURE-----
More information about the liberationtech
mailing list