applied cryptography - protocols, algorithms, and source code in c

Applied cryptography protocols algorithms and source code in c

Info iconThis preview shows page 1. Sign up to view the full content.

View Full Document Right Arrow Icon
This is the end of the preview. Sign up to access the rest of the document.

Unformatted text preview: able, works great, but has the drawback of only allowing 20 or so characters of subliminal text to be sent per signed innocuous message. It really isn’t good for much more than sending keys. 10.9 Destroying Information When you delete a file on most computers, the file isn’t really deleted. The only thing deleted is an entry in the disk’s index file, telling the machine that the file is there. Many software vendors have made a fortune selling file-recovery software that recovers files after they have been deleted. And there’s yet another worry: Virtual memory means your computer can read and write memory to disk any time. Even if you don’t save it, you never know when a sensitive document you are working on is shipped off to disk. This means that even if you never save your plaintext data, your computer might do it for you. And driver-level compression programs like Stacker and DoubleSpace can make it even harder to predict how and where information is stored on a disk. To erase a file so that file-recovery software cannot read it, you have to physically write over all of the file’s bits on the disk. According to the National Computer Security Center [1148]: Overwriting is a process by which unclassified data are written to storage locations that previously held sensitive data.... To purge the...storage media, the DoD requires overwriting with a pattern, then its complement, and finally with another pattern; e.g., overwrite first with 0011 0101, followed by 1100 1010, then 1001 0111. The number of times an overwrite must be accomplished depends on the storage media, sometimes on its sensitivity, and sometimes on different DoD component requirements. In any case, a purge is not complete until a final overwrite is made using unclassified data. You may have to erase files or you may have to erase entire drives. You should also erase all unused space on your hard disk. Most commercial programs that claim to implement the DoD standard overwrite three times: first with all ones, then with all zeros, and finally with a r...
View Full Document

This note was uploaded on 10/18/2010 for the course MATH CS 301 taught by Professor Aliulger during the Fall '10 term at Koç University.

Ask a homework question - tutors are online