Thread Links			Date Links
Thread Prev	Thread Next	Thread Index	Date Prev	Date Next	Date Index

RE: Threat Model

To: Jim.Williams@EMULEX.COM
Subject: RE: Threat Model
From: Donald.R.Beaver@SEAGATE.COM
Date: Tue, 13 Apr 2004 17:30:09 -0400
Cc: stds-p1619@majordomo.ieee.org
Sender: owner-stds-p1619@listserv.ieee.org

Hi all,

Jim Williams wrote:
>Shai Halevi wrote:

>> The easiest thing would be to add a 64-bit message-authentication-code
>> on top of the encryption. Optimizations are possible, of course (e.g.,
>> use some variant of OCB).
>
>I was specifically talking about the addition of the 64 bit "Block guard"
>which I believe is under discussion in T11.  Perhaps someone can be more
>specific here.

See the excerpt below.  The T10 proposal is merely for a CRC
during data transmission, not for explicit persistent storage or
cryptographic protection.

Even though the proposal does claim 'protection information is retained,'
it allows the device to 'recalculate on read back.'

I suspect that any debate in T10 will include the very strong but unstated
assumption that 'retention' must not cause explicit storage space
inefficiency.

Obviously this is incompatible with the 64-bit MAC approach.

Less obviously, the reasoning in T10 will probably not touch this future
issue.

>It seems likely that use of the block guard will become the norm for
>high end storage.  Although, to be transparent, the block guard bits
>must be encrypted and decrypted along with the data bits, there is
>a difference.  If the block guard bits are incorrect, this will be
>detected and cause a fatal error.  This is unlike the data bits,
>which if incorrect will be passed to the application without checking.

Assuming that T10 were to provide for explicit storage of the 'block
guard',
and we could use it for cryptographic protection instead, then I tend
to agree with Shai's remarks above, IMHO.  (Patent considerations aside.)

Best,

Don

4.15 Protection information model

4.15.1 Protection information overview

This data protection model provides for protection of the data while
it is being transferred between a sender and a receiver. Protection
information is generated at the application layer and may be checked
by any object along the I_T_L nexus. Once received, protection
information is retained (e.g., write to medium, store in non-volatile
memory, recalculate on read back) by the device server until
overwritten (e.g., power loss, hard reset, logical unit reset, and I_T
nexus loss have no effect on the retention of protection information).

Prev by Date: RE: Threat Model
Next by Date: Re: Threat Model
Prev by thread: Re: Threat Model
Next by thread: RE: Threat Model
Index(es):
- Date
- Thread