halfbakery



One-time use hard drives.

Computer security through one-time use pads.

Someone must have thought of this already, but the idea is pretty simple. Make a computer with two HDs and fill one with random data. Store your sensitive information on the other disk as the difference taken from the random drive.

A backup of the random drive should be stored in a secure location. If something should happen that might compromise your data, there is a chip in the random drive that will securely delete it.

tduff, Mar 12 2008

(???) Truecrypt www.truecrypt.org
It is free, too. [ericscottf, Mar 12 2008]

Truecrypt http://www.truecrypt.org
Above link, corrected [imaginality, Mar 12 2008]


MaxwellBuchanan, Mar 12 2008

       I'm a little lost. A difference requires 2 datasets to be known. The random drive is one known variable but where is my data stored as the other variable?
RayfordSteele, Mar 12 2008

       Maybe it should say, "with the random data added in." That's how I think of it. It would work.
baconbrain, Mar 12 2008

       I think I see. Maybe it would be better if you carried the random drive chained to your wrist at all times, and if anyone severed the chain the drive would wipe itself?
GutPunchLullabies, Mar 12 2008

       [Rayfo] The idea is this. Suppose you want to store byte 124 at a given location on your "one-time pad" drive, and it finds byte 26 there. Therefore, it stores byte 98 at the corresponding location on your "data" drive. Neither the data drive nor the one-time drive are useful by themselves. Together, however, the system can read bytes 26 and 98 from the corresponding locations, and add them to recover the original byte 124.
MaxwellBuchanan, Mar 12 2008
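
The arithmetic in the annotation above, as an added example that is not part of the original thread. It goes one step beyond the thread to show why each pad location can be used only once: if a region is rewritten in place under the same pad bytes, two snapshots of the data drive reveal the difference of the two plaintexts without the pad. Function names and sample records are constructed for illustration, and `secrets.token_bytes` is an assumed stand-in for the random fill.

```python
import secrets

def make_pad(size: int) -> bytearray:
    # Assumption: the OS CSPRNG stands in for the drive's random fill.
    return bytearray(secrets.token_bytes(size))

def write(data_drive, pad_drive, offset, plaintext):
    """Store each byte as (plaintext - pad) mod 256 on the data drive."""
    if offset + len(plaintext) > len(pad_drive):
        raise ValueError("write runs past the end of the pad")
    for i, p in enumerate(plaintext):
        data_drive[offset + i] = (p - pad_drive[offset + i]) % 256

def read(data_drive, pad_drive, offset, length):
    """Recover plaintext as (stored + pad) mod 256."""
    return bytes((data_drive[offset + i] + pad_drive[offset + i]) % 256
                 for i in range(length))

def snapshot_difference(snap_a, snap_b):
    """Byte-wise difference of two images of the same data-drive region."""
    return bytes((a - b) % 256 for a, b in zip(snap_a, snap_b))

def thread_example():
    """Pad byte 26, plaintext byte 124 -> stored byte 98 -> recovered 124."""
    pad, data = bytearray([26]), bytearray(1)
    write(data, pad, 0, bytes([124]))
    return data[0], read(data, pad, 0, 1)[0]

def rewrite_demo():
    """Rewrite one region in place under the same pad bytes and compare
    what two data-drive snapshots reveal with the plaintext difference."""
    old, new = b"balance=0001000", b"balance=9991000"  # constructed records
    pad = make_pad(len(old))
    data = bytearray(len(old))
    write(data, pad, 0, old)
    first = bytes(data)
    write(data, pad, 0, new)          # pad bytes reused: no longer one-time
    second = bytes(data)
    leaked = snapshot_difference(first, second)   # needs only the data drive
    expected = snapshot_difference(old, new)      # pad cancels out
    return leaked, expected

if __name__ == "__main__":
    print(thread_example())
    leaked, expected = rewrite_demo()
    print(leaked == expected, leaked.hex())
```

A write-once layout, or a fresh pad region for every rewrite, keeps the pad "one-time"; in-place updates do not.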

       Maybe the title should be "One-time pad hard drives."
MaxwellBuchanan, Mar 12 2008

       Sorta like RAID 5, but with fewer drives and one permanently populated.
phoenix, Mar 12 2008

       For all intents and purposes, software like truecrypt [linky] is unbreakable. Moreover, it is extremely flexible, and does not require another drive purchase or the storage of such.
ericscottf, Mar 12 2008

       Well, this method really doesn't require another drive. It could copy the one-time-pad off the drive, keep it in active memory, and write the encrypted data back onto the same drive--kind of like copying a CD. That'd erase the pad data, if you make sure you fill the disc completely. And then dump the memory.
baconbrain, Mar 12 2008

       Uh, how do you recover the data if you erased the pad?
MaxwellBuchanan, Mar 12 2008

       Oh, sorry. I've been assuming that this was for mailing the hard drive back to the spymasters in Anvilania--they'd have their copy of the pad for the decoding. I've only met one-time pads as communication in spy novels, and just went the wrong way.   

       My bad. My spymasters will reprimand me.
baconbrain, Mar 12 2008

       This is like using an entire hard drive as the key to encrypt data (a very long key indeed). I say a few K worth of key is enough to encrypt. A small flash card should do the job already.
MakeWorldBetter, Mar 13 2008

       It is interesting that the key size would equal the data size. In the future, as processing power increases, would it be necessary that keys become orders of magnitude larger than the data itself?
ed, Mar 13 2008


       Took me a while to get why using a whole disk - as opposed to just a file somewhere - is worth doing: it makes the self-destruct part work much more reliably. (I wouldn't do it with a chip, I'd do it with a sander - but yeah.)
jutta, Mar 13 2008

       The title threw me on this one, and I still don't get it, but this is a good idea, a 60G encryption. The tough part would actually be filling the "key" drive with truly random data. Also I'd be a little worried about disk errors as their effect would double, but that would still be completely manageable. (+)

       I'd call it RAID -1 encryption.
MisterQED, Mar 13 2008

       //The title threw me on this one// Me too. It refers to a "one time pad" (a single-use encryption sheet, specifying the letter substitution for each character), but it could be clearer.

       //The tough part would actually be filling the "key" drive with truly random data// You could just use a microphone through suitable software. The bit-wise encoding of ambient noise would be effectively random at the level required.
MaxwellBuchanan, Mar 13 2008

       You are right, someone has thought of this already. Eli Biham, Adi Shamir, et al.
Any cryptographic system is as strong as its weakest link. The weakest link in this embodiment is two-fold: The deletion of the random key on the key-drive, and the proximity of the key-drive to the cyphertext-drive. One can assume the "Eve" of this transaction will be in possession of the key and ciphertext on confiscation of the computing unit.
The natural extension of this idea keeps the pad separated from the ciphertext. This is already implemented by the OTP dongles (fire-wire and USB drives acting as keys).
You seem *not* to be communicating data (the raison d'etre of encryption) but rather, storing it safely. For safe storage (excluding dissemination) of data, any suitably removed OTP derivative (external, RAM) will suffice. Remember, the Beale ciphers remain intact.
4whom, Mar 13 2008

       //Remember, the Beale ciphers remain intact.// Isn't that always the way?
MaxwellBuchanan, Mar 13 2008

       It might certainly be the case, but it is most certainly not the Beale and end all of this conversation.
4whom, Mar 13 2008

       One possible implementation of this idea is a "Sushi Train" of hard drives containing one-time pads -- a one-time pad for every pair of users using the service. The "sushi" part is chopping up the data into little bits and sending via an Internet where each leg is encrypted via one-time pads (so data in transit would be encrypted with multiple one-time pads). The "train" part is the constant stream of one-time pads sufficient to give each user a fresh terabyte of one-time pad every week. The mailing envelope could be painted to look like a little boat.
sninctown, Feb 29 2020

