Design a filesystem optimized to make secure deletion easy.
Perhaps: each file or chunk is encrypted with a different session key, so securely deleting a file only requires securely destroying the session key rather than the entirety of the file. Each session key is derived from a master key and a fairly large initialization vector that is stored in disk. The large IV yields an all-or-nothing encryption property: destroying most of the IV is enough to securely delete the data. If, say, an attacker recovers the master key through rubber hose cryptanalysis and all but 128 bits of the IV through disk forensics, the attacker still has to brute force 2^128 possibilities of IV.
This is kind of the opposite of error correcting codes where recovering most of the data is enough.
No comments :
Post a Comment