Follow Slashdot blog updates by subscribing to our blog RSS feed

 


Forgot your password?
Close
typodupeerror
×

A Move to Secure Data by Scattering the Pieces 141

Posted by Zonk from the can-you-find-me-now dept.
uler writes "The NY Times has an article about an interesting new open source storage project. Unlike data storage mechanisms today that work 'by making multiple copies of data,' the Cleversafe software takes an 'approach based on dispersing data in encrypted slices.' It's an elegant solution and one that's been a long time coming: the software uses algorithmic techniques known by mathematicians since the 70's. Adi Shamir (of RSA) first wrote of information dispersal is his 1979 paper 'How to Share a Secret (pdf).'"
This discussion has been archived. No new comments can be posted.

A Move to Secure Data by Scattering the Pieces More

A Move to Secure Data by Scattering the Pieces

Comments Filter:

  • Doesn't FreeNet do this? (Score:2, Interesting)

    by mb10ofBATX ( 126746 ) on Monday August 21, 2006 @10:58AM (#15948603)

    I've been out of the freenet loop for a long time, but I thought I remembered reading in its documentation a few years ago that it did this same kind of encrypting and dispersing chunks of data.

  • Freenet? (Score:5, Interesting)

    by BigZaphod ( 12942 ) on Monday August 21, 2006 @11:08AM (#15948681) Homepage
    Isn't this basically what freenet does? It encrypts the data into chunks and spreads it around all over the place.

    I was working on a p2p system that worked in a similar manner. I was even thinking of repurposing it for the sake of doing online backups - but frankly the bandwidth just doesn't seem to be there yet to do that sort of thing in a practical manner. That, and I got bored with the project... (but nevermind that). :-)
  • I thought about a system to do this a few years ago, but with a little twist: distribution of the pieces would be via computer virus. The pieces would be stored in user's computers, but more importantly in intrusion logs of "secure" systems as well. Retrieval would be a social act, kind of like a treasure hunt. "Hey, geeks of the world, there's this important information out there. Go figure out how to get it!"

    This system could be used for high profile secrets, like government whistle-blower data and the like. Storage would be secret and nearly undetectable because of all the other virus noise. Retrieval would be highly public by necessity, both to make retrieval possible and to publicize the contents of the data.

  • I don't see whats so new (Score:2, Interesting)

    by Alistar ( 900738 ) on Monday August 21, 2006 @11:34AM (#15948906)
    I've been doing something like this for years.

    First I would encrypt the original file, split it up into 10-100 pieces, encrypt those, hide them in other files, encrypt those, then store them in random locations around the internet either by emailing a piece to a webmail or uploading to a server somewhere, posting the binary or hex sequence to a forum, things like that.

    Heck sometimes I'd repeat the repeat the encrypt/split/hide process several times, or even put the last step as hidden. Yes I realize anyone with any computer talent could find a file hidden in another one, but it keeps it out of plain sight.
    I also remove any identifiable information on what order the pieces go in, I rely on myself to remember. Or leave clues elsewhere.
    I'll admit sometimes it takes like 3 days to gather and assemble them if I need them, though.

    I use it for things that are better off gone forever than being leaked.

  • The problem... (Score:3, Interesting)

    by Fulkkari ( 603331 ) on Monday August 21, 2006 @11:55AM (#15949068)

    The problem with this idea is bandwidth and speed. You think your broadband is fast, but if you have to download the 27 gigabytes of photos, music and stuff, it won't be exactly fast on a 8 Mbps DSL, not to talk about 1 Mbps or less. You might wait a couple of hours, but you won't wait a couple of days.

    Okay. So you tell me that amount of available bandwidth will increase? But so will the amount of data that needs to be backed up. And it will grow faster than the bandwidth. Think of homemade movies. You can already fill up your average drive in no-time. What do you then do, when you get a HD camera?

    Although the idea isn't a new one, I think it is still neat. It might work for some stuff, but I don't see this becoming mainstream with technologies like Time Machine [apple.com] coming to the end-users.

  • Re:aaaaaaaaaarrrrrrrgggggggggghhhhhhh! (Score:5, Interesting)

    by Red Flayer ( 890720 ) on Monday August 21, 2006 @12:04PM (#15949141) Journal
    It's '70s not 70's.
    Not really -- it should be '70s' in all likelihood. The first apostrophe is to represent the missing "19", the second is to denote the possessive that is implied. The term "the 1970's" is a shortening of "the years of the decade we call the 1970s," or "the 1970s' years."

    This gets messy, however, since the word 'years' is implied, and to say during the '70s' will make people wonder which 70 seconds you're talking about, and why it needs to be encapsulated with apostrophes -- is it an idiomatical 70 seconds? Kinda like the Biblical '40 days'?

    For that matter, if you really want to get pedantic, what's the use of referencing the 70s at all if you're not going to bother denoting the scale? I mean, surely not mentioning that it's AD (or CE) is going to confuse people using other calendars... more so than misusing an apostrophe, right?

    Along the same lines, it's just horrific that they'd abbreviate the decade anyway, how are we to know that the writer didn't intend the 1870s, or the 2070s even, if he happens to be living backwards in time?

    Bah, there are grammatical rules, and it's great if everyone follows them, but really, it makes no difference if he spelled it 70's, '70s, or seventies (which is the proper spelling, btw).

  • Sharing a secret in the offline world (Score:3, Interesting)

    by davidwr ( 791652 ) on Monday August 21, 2006 @01:13PM (#15949594) Homepage Journal
    A friend taught me this. The secret in his case was a proprietary industrial process.

    You take the secret and divide it into 3 pieces. You have a team of 3 people to each carry or memorize two of the 3 pieces.

    Amy carries pieces 1 and 2
    Bob carries pieces 2 and 3
    Charlie carries pieces 3 and 1

    If any one of them is compromised by bribery or other means, 1) the information is not lost and 2) the enemy has only an incomplete picture of what is going on.

    This can be extended to more people to achieve greater redundancy or less exposure:

    More redundancy: 4 people with 4 peices, each person knows 3 elements. Any 2 of 4 people needed to put the pieces together.

    Less exposure: 4 people with 4 pieces, each knows 2 elements. Any 3 of 4 people needed to put the pieces together. Loss of 1 person exposes 1/2 of the total secret.

    There's no reason to stop with 4 people and 4 pieces.

    Think of this as RAID for human-knowledge.

  • Potentially great for internal use... (Score:3, Interesting)

    by WoTG ( 610710 ) on Monday August 21, 2006 @10:31PM (#15953085) Homepage Journal
    I've often wondered when someone would get around to perfecting a dispersed backup system for LAN's. With the average workstation toteing 100GB drives, and the average use of a handful of GB's, there seems to be a surplus of cheap disk space on the LAN... at least compared to backup tapes or other media. Though, in hindsight, I guess a single fire or building disaster would still be catastrophic...

Slashdot Top Deals

If you want to put yourself on the map, publish your own map.

Close