[liberationtech] secure wipe of flash memory
Michael Rogers
michael at briarproject.org
Sat Jul 21 08:02:27 PDT 2012
Hi James,

To follow up on this, TrueCrypt uses XTS mode, which as far as I can
tell is designed to protect against an adversary who can read multiple
versions of the ciphertext:

https://en.wikipedia.org/wiki/Disk_encryption_theory#Problem_definition

However, if a flash storage device contains a journalling filesystem
or the controller chip uses journalling, the adversary may be able to
tell when each block of the encrypted volume was updated, which might
reveal the presence of a hidden volume:

http://www.truecrypt.org/docs/?s=journaling-file-systems

Does anyone on the list know whether flash controller chips use
journalling? I'm guessing they might because YAFFS does.

Cheers,
Michael

On 17/07/12 00:48, James Vasile wrote:
> Thanks, Michael. That's a good thought. I hadn't factored in the
> notion of having multiple versions of the ciphertext. I'll take a
> look at some disk-encryption systems with that in mind.
>
> -J
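
The concern raised in the message above, as an added example that is not part of the original post: a toy model of a log-structured storage layer that keeps superseded pages, showing that the write order of each block is recoverable even though every block is ciphertext. The class and function names are hypothetical, the block layout is constructed, and random bytes stand in for XTS ciphertext, since only the update metadata matters here.

```python
import os
from collections import defaultdict

BLOCK = 16  # toy block size in bytes

class LogStructuredFlash:
    """Toy translation layer: every write appends a new physical page;
    superseded pages stay on the raw medium until garbage-collected."""
    def __init__(self):
        self.pages = []  # append-only: (sequence number, logical block, ciphertext)

    def write(self, logical_block, ciphertext):
        self.pages.append((len(self.pages), logical_block, ciphertext))

    def read(self, logical_block):
        # The host only ever sees the newest version of a block.
        for _seq, lb, data in reversed(self.pages):
            if lb == logical_block:
                return data
        return None

def update_history(flash):
    """What a raw dump of the medium exposes: write order per logical block."""
    history = defaultdict(list)
    for seq, lb, _data in flash.pages:
        history[lb].append(seq)
    return dict(history)

def rewritten_in_claimed_free_space(flash, claimed_free):
    """Blocks described as unused random filler that have more than one version."""
    return sorted(lb for lb, seqs in update_history(flash).items()
                  if lb in claimed_free and len(seqs) > 1)

def build_demo():
    # Constructed scenario: 8-block volume, blocks 3..7 claimed to be free space.
    flash = LogStructuredFlash()
    for lb in range(8):                 # format: whole volume filled with random data
        flash.write(lb, os.urandom(BLOCK))
    flash.write(1, os.urandom(BLOCK))   # outer-volume file update (expected activity)
    flash.write(5, os.urandom(BLOCK))   # hidden-volume writes land in "free" space
    flash.write(6, os.urandom(BLOCK))
    flash.write(5, os.urandom(BLOCK))
    return flash

if __name__ == "__main__":
    flash = build_demo()
    print(update_history(flash))
    print(rewritten_in_claimed_free_space(flash, claimed_free=set(range(3, 8))))
```

The host-visible view (`read`) shows nothing unusual; the leak exists only for someone who can read the retained older pages, which is why the behaviour of the filesystem and controller matters for hidden volumes.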