|
|
|
|
|
|
by nocarrier
3544 days ago
|
|
|
To your last paragraph, only relying on forgetting the keys works great, as long as you have absolute 100% confidence in the mechanism used to do that. I read your posts on HN often so I know you know you're quite familiar with defense in depth--I feel that user data is one of those areas where it's ok to do more than one thing to protect the data. That said, there are a number of systems at FB where deleting a crypto key loses the linked data forever--but they still crunch the hard drives just to be really sure. The drive crunching is an incredibly tiny expenditure compared to the massive CapEx and OpEx required to build, stock, and run the datacenters. It's worth it if only for the peace of mind. |
|
|
"as long as you have absolute 100% confidence in the mechanism used to do that"
It's true. These mechanisms fail way less than shredders, though. Ideally, the drive encryption would pull KEYMAT from a dedicated system for that somehow on boot (kernel, network, whatever). That system should be medium to high assurance. Easy way is rad-hard ASIC's (or antifuse FPGA's) with ECC RAM and ChipKill that implement a safe-coded protocol engine that moves keys around in memory. These are in high-availability configuration with electrical and optical isolation. Separate box manages things, does backups on encrypted data, etc. A good HSM combo at Level 3 or 4 is already mostly there, though. Remember even Ross Anderson's people couldnt break IBM's outside some stupid, unevaluated software for banking. My ideal just assures protocol itself a bit more.
"I feel that user data is one of those areas where it's ok to do more than one thing to protect the data."
It's fine, except to environmemtalists, to do it extra on top of crypto for extra assurance. By itself, crushing it is insufficient given it might be recovered given just how much data they cram in tiny spaces. It's why DOD/NSA standards were to suck the magnetism out of the platter with qualified degaussers then destroy it. Crypto then destruction can't be directly compared but should also make it hard.
"there are a number of systems at FB where deleting a crypto key loses the linked data forever"
Great they do. Thanks for telling me.
"The drive crunching is an incredibly tiny expenditure compared to the massive CapEx and OpEx required to build, stock, and run the datacenters."
I believe that. What groups like Facebook pull off in datacenter hardware, software, and administration continues to amaze me.