Object Encryption in Objectify

13-Aug-2006

The Alpha 05 (alpha_05_branch in CVS) version of Objectify encrypts objects as follows:

  1. Pad the object with random data up to a full disk block (512 bytes on Reiser 4). Since the object is going to use that much disk space anyway, why not use it to further complicate the attacker's task? If the remainder of the block is all zeros, or some other fixed value, it is much easier to find the actual data.
  2. The data is scrambled in a pseudo-random pattern (a random number generator is seeded with the key).
  3. The block is encrypted with Blowfish.
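
Steps 1 and 2 above, sketched in Python as an added example (this is not Objectify's own code). The 2-byte length prefix, the SHA-256 key-to-seed step and the use of Python's Mersenne Twister are assumptions made here; step 3 (Blowfish) is left out because it needs a third-party library.

```python
import hashlib
import os
import random

BLOCK = 512  # disk block size given on the page (Reiser 4)


def _permutation(key, n):
    # Assumption: the generator is Python's Mersenne Twister, seeded with a
    # hash of the key. The page does not say which generator Objectify uses.
    rng = random.Random(hashlib.sha256(key).digest())
    order = list(range(n))
    rng.shuffle(order)
    return order


def pad_block(data):
    # Step 1: fill the rest of the block with random bytes.
    # Assumption: a 2-byte big-endian length prefix marks where the data ends.
    if len(data) > BLOCK - 2:
        raise ValueError("object does not fit in one block")
    filler = os.urandom(BLOCK - 2 - len(data))
    return len(data).to_bytes(2, "big") + data + filler


def scramble(block, key):
    # Step 2: output position i takes the byte found at position order[i].
    order = _permutation(key, len(block))
    return bytes(block[j] for j in order)


def unscramble(block, key):
    # Inverse of scramble: the same key rebuilds the same permutation.
    order = _permutation(key, len(block))
    out = bytearray(len(block))
    for i, j in enumerate(order):
        out[j] = block[i]
    return bytes(out)


def unpad_block(block):
    # Read the length prefix and drop the random filler.
    n = int.from_bytes(block[:2], "big")
    if n > len(block) - 2:
        raise ValueError("corrupt length prefix")
    return block[2:2 + n]
```

A keyed scramble only reorders bytes, so the scrambled block has exactly the same byte counts as the padded block: sorted(scramble(b, k)) == sorted(b) always holds.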

File Encryption

I am currently in the process of adding file encryption to the Alpha 05 branch in CVS. It adds one additional complication to the above algorithm: it breaks the file up into blocks that are stored in random objects. This makes decrypting the file even more difficult, because an attacker does not know how to reassemble the puzzle without access to the key piece of the puzzle, which of course is encrypted to look like every other piece.

Future Changes

In the future, multiple passes of the above could be used with various different encryption algorithms and random number generators to make the data ultra secure. For example, the following sequence:

  1. Fill with random data.
  2. Encrypt with 3DES.
  3. Scramble with Mersenne Twister.
  4. Encrypt with Blowfish.
  5. Encrypt with IDEA.
  6. Scramble with linear/serial random number sequence.
  7. Encrypt with RC4.

Since the order and choice of algorithms are unknown to the attacker, my theory is that this is much harder to crack.

You can e-mail me at:
Sorry it's not clickable, I'm trying to avoid some spam.
