Subject: Re: cgd and replay
To: Roland Dowdeswell <elric@imrryr.org>
From: Pawel Jakub Dawidek <pjd@FreeBSD.org>
List: tech-security
Date: 08/22/2005 03:41:06
On Mon, Aug 22, 2005 at 11:20:58AM +1000, Daniel Carosone wrote:
> You're still missing the point about transactions; you can't overwrite
> (and thus invalidate) any currently valid data with partial new data
> (such as updating a MAC block). You need to be able to have the end
> result be all-or-nothing.
Maybe I wasn't clear on this.
I proposed something like this:
sector0: mac(sector1)+mac(sector2)+mac(sector3)+...+mac(sectorN)
sector1: data
sector2: data
...
sectorN: data
sectorN+1: mac(sector1)+mac(sector2)+mac(sector3)+...+mac(sectorN)
Then, if you have a power failure, let's say, before writing sector2 but
after sector1, you have new MACs in sector0 and old MACs in sectorN+1.
On read, you verify sector1 integrity based on mac(sector1) from sector0,
then you verify sector2 against mac(sector2) from sector0 and it fails,
so you verify it against mac(sector2) from sectorN+1. And so on.
For me it is safe if we assume writing a single sector is atomic.
-- 
Pawel Jakub Dawidek http://www.wheel.pl
pjd@FreeBSD.org http://www.FreeBSD.org
FreeBSD committer Am I Evil? Yes, I Am!
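The write order and the fallback read described in the mail above, as an added example that is not part of the original message or of cgd: a tiny in-memory disk model where HMAC-SHA256 truncated to 8 bytes stands in for the per-sector MAC, the key is constructed for the demo, and a power failure is injected after sector1 has been written (all of these are assumptions of the demo).

```python
import hmac, hashlib

KEY = b"constructed-demo-key"  # constructed for the demo, not a real cgd key
MAC_LEN = 8                    # truncated per-sector MAC so N MACs fit in one sector

def mac(data):
    return hmac.new(KEY, data, hashlib.sha256).digest()[:MAC_LEN]

def mac_block(data_sectors):
    # layout of sector0 and sectorN+1 from the mail: mac(sector1)+...+mac(sectorN)
    return b"".join(mac(s) for s in data_sectors)

class Disk:
    # sectors[0] and sectors[n+1] hold MAC blocks; a single-sector write is atomic
    def __init__(self, n):
        self.n, self.sectors, self.writes, self.fail_after = n, [b""] * (n + 2), 0, None
    def write(self, i, data):
        if self.fail_after is not None and self.writes >= self.fail_after:
            raise RuntimeError("power failure")  # a write never partially lands
        self.sectors[i] = data
        self.writes += 1

def write_group(disk, new):
    # write order from the mail: sector0 MACs, data sector1..N, then sectorN+1 MACs
    disk.write(0, mac_block(new))
    for i, s in enumerate(new, start=1):
        disk.write(i, s)
    disk.write(disk.n + 1, mac_block(new))

def read_group(disk):
    # verify each data sector against sector0's MAC; on mismatch fall back to sectorN+1's
    out = []
    for i in range(1, disk.n + 1):
        off = (i - 1) * MAC_LEN
        for blk in (0, disk.n + 1):
            if hmac.compare_digest(mac(disk.sectors[i]), disk.sectors[blk][off:off + MAC_LEN]):
                out.append(disk.sectors[i])
                break
        else:
            raise ValueError(f"sector{i} matches neither MAC block")
    return out

def crash_scenario():
    # power fails after sector1 is written but before sector2, as in the mail
    disk = Disk(3)
    write_group(disk, [b"old1", b"old2", b"old3"])  # consistent starting state
    disk.fail_after = disk.writes + 2               # sector0 and sector1 land, sector2 does not
    try:
        write_group(disk, [b"new1", b"new2", b"new3"])
    except RuntimeError:
        pass
    return read_group(disk)  # -> [b'new1', b'old2', b'old3']
```

A sector whose content matches neither MAC block (corruption rather than an interrupted group write) is reported as an integrity failure instead of being silently returned.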