[nSLUG] RAID on USB flash disks

Stephen Gregory nslug at kernelpanic.ca
Sun Mar 12 20:06:59 AST 2006


On Sun, Mar 12, 2006 at 06:10:08PM -0500, Stephen Gregory wrote:
> 
> It don't think this would be secure. I believe getting one of the
> three keys would give you half the data.

I did some tests and large chunks of data are easily read. An attacker
who retrieved one of the keys would have one third of your data.

Wikipedia has an article on securely splitting data. Read the "Trivial
secret sharing" section:

http://en.wikipedia.org/wiki/Key_splitting


What I did to test the raid:

created 3 1MB files and attached the files to loop devices:

$ dd if=/dev/zero of=dev1 bs=1024 count=1024
# losetup -f dev1
repeat for dev1 dev2

created the raid array. --auto may be a Debianism.

# mdadm --create --level=5 --auto /dev/md0 --raid-devices 3 /dev/loop0 /dev/loop1 /dev/loop2

created a filesystem, mounted it, and filled the fs with data

# mke2fs /dev/md0
# mount /dev/md0 /mnt
$ while echo "AAAA" >> /mnt/foo; do true; done

umounted, stopped the raid array, and removed the loops
(I also waited to insure the raid was fully synced)

# umount /mnt
# mdmadm --stop /dev/md0
# loset -d /dev/loop0   
repeat for loop1 loop2

then checked for the AAAA pattern

$ grep -c AAAA dev1
127578

each AAAA match is 5 bytes. 4 chars + return (0x0a). 127578 * 5 is
623KiB. The size of the "foo" file would have been about 1900KiB.

-- 
sg

!DSPAM:4414b7a5177342117620706!




More information about the nSLUG mailing list