[31039] in cryptography@c2.net mail archive
Re: Interesting bit of a quote
daemon@ATHENA.MIT.EDU (Travis H.)
Sat Jul 15 00:15:31 2006
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Fri, 14 Jul 2006 22:22:25 -0500
From: "Travis H." <solinym@gmail.com>
To: "David Mercer" <radix42@gmail.com>
Cc: cryptography@metzdowd.com
In-Reply-To: <4cf95cf30607132249v6cce88e1m36625569f2a38393@mail.gmail.com>
On 7/14/06, David Mercer <radix42@gmail.com> wrote:
> WORM drives (and WORM tapes)
> are used by organizations that need to prove that things weren't
> altered (or to be able to audit when they are).
The problem with this is determining if the media has been replaced.
Absent other protections, one could simply write a new WORM media with
falsified information.
I can see two ways of dealing with this:
1) Some kind of physical authenticity, such as signing one's name on
the media as they are produced (this assumes the signer is not
corruptible), or applying a frangible difficult-to-duplicate seal of
some kind (this assumes access controls on the seals).
2) Some kind of hash chain covering the contents, combined with
publication of the hashes somewhere where they cannot be altered (e.g.
publish hash periodically in a classified ad in a newspaper).
--
Resolve is what distinguishes a person who has failed from a failure.
Unix "guru" for sale or rent - http://www.lightconsulting.com/~travis/ -><-
GPG fingerprint: 9D3F 395A DAC5 5CCC 9066 151D 0A6B 4098 0C55 1484
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
