[cryptography] storage systems as one-way protocols

travis+ml-rbcryptography at subspacefield.org travis+ml-rbcryptography at subspacefield.org
Tue Oct 5 15:04:04 EDT 2010


I don't know if anyone else noticed this but...

Storage systems are basically a subclass of protocols; they're
unidirectional (with no acknowledgements).  IOW, you're sending
messages to yourself at some (future) point in space-time.

The recipient cannot respond, so is necessarily unauthenticated.

However, the converse is not true; the sender can apply a MAC
to the data to assure the recipient it has not been altered.

Q: Do any storage cryptosystems do this?
   How do they manage the metadata?

Since it is a non-interactive protocol with no recipient
authentication, anyone may be the recipient, and subject it to an
attack, which is necessarily passive and offline.

Q: What design criteria does this imply, compared to our standard
   bi-directional protocols?

And since it is unidirectional, any error correction must be of the
FEC variety; you may not go back in time and send more data.

And of course, no C/R or other protection against replay attacks.

Q: What is the analog of a replay attack in the storage crypto
   context?  Does it have something to do with not maintaining
   positive control of your storage media at all times?

In summary, it's very much like email encryption a la GnuPG.

It may be further simplified, in that the recipient and sender are
generally the same person.

In LUKS, we may have several passphrases that unlock the storage key
(which is merely what I call "key indirection", or a K-E-K).

Q: What is the meaning of this, if we recast this as a protocol?

In some cases, the storage crypto may also encrypt the storage key
to the pubkey for the enterprise, for key recovery reasons.

Q: Are there other applications of PK in storage crypto?
-- 
I find your ideas intriguing and would like to subscribe to your newsletter.
My emails do not have attachments; it's a digital signature that your mail
program doesn't understand. | http://www.subspacefield.org/~travis/ 
If you are a spammer, please email john at subspacefield.org to get blacklisted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20101005/58ecfbf0/attachment.asc>


More information about the cryptography mailing list