1993-06-04 - Re: CryptoStacker, long term vision

Header Data

From: RYAN Alan Porter <ryan@rtfm.mlb.fl.us>
To: Eric Hughes <hughes@soda.berkeley.edu>
Message Hash: d5a460db22229dd3eea044b568897530caa6fc61da9adda3414fd23dd83ec1f1
Message ID: <Pine.3.03.9306032207.D28432-b100000@rtfm>
Reply To: <9306031522.AA26005@soda.berkeley.edu>
UTC Datetime: 1993-06-04 03:31:21 UTC
Raw Date: Thu, 3 Jun 93 20:31:21 PDT

Raw message

From: RYAN Alan Porter <ryan@rtfm.mlb.fl.us>
Date: Thu, 3 Jun 93 20:31:21 PDT
To: Eric Hughes <hughes@soda.berkeley.edu>
Subject: Re: CryptoStacker, long term vision
In-Reply-To: <9306031522.AA26005@soda.berkeley.edu>
Message-ID: <Pine.3.03.9306032207.D28432-b100000@rtfm>
MIME-Version: 1.0
Content-Type: text/plain

On Thu, 3 Jun 1993, Eric Hughes wrote:

> A related topic to encrypted disk drives.  Anybody who has a desire to
> see their data around long term makes backups of their drives.  At
> least one of these backups is usually physically near the drive in
> question.
> What good it is to have an encrypted disk if the backups are not also
> encrypted?
> Backups occur at the file system level, where an encrypted file system
> does not appear encrypted, so that work here does not directly
> leverage to encrypted backups.

This is a good point.  The only thing that I can think of in response is
that there is now a need for a cryptobackup system.  I can easily see how
this could be accomplished with disk spanning, but I'm not sure that we
could create something to work with all of the different tape drive
standards.  Perhaps just write a freeware system that could handle disk
spanning and a few major, common tape systems (Colorado, etc...)

I have to admit, that does present a minor problem.

There is, of course, another way to do it which would speed things up by
not having the date come from the disk, get decrypted by my driver and
then get immediately encrypted agian before they get to the backup, and
that is to simply operate the backup system as normally from the 'fast'
partition with the encryption driver turned OFF.  You back up the secure
partition that way, and then whatever goes to the tape is pure garbage,
and then you just turn the driver back on by rebooting.

When you want to restore you simply turn the driver off, restore to the
secure partition, and reboot to get your data again.

No matter what kind of a system you are using, you are still going to need
some unencrypted disk space to boot from, so that is where you stick your
backup programs.

Hell, the more I think about it, it won't be any problem at all...

> Eric

the Bit Wallah