secure file distribition brainstorm

R

Roedy Green

As you may know, I wrote a program called the Replicator lets a group
of people share files, by automatically giving them just the changes
each time they access the central repository. It is a free program.
It was originally used by drug researchers to share data. I use to
let people maintain a mirror of my website on their local hard disk.

I was thinking about what sorts of security could be added using USB
flash drives.

In the simplest case I distribute only encrypted files. People are
given flash drives with a list of keys on them, which restricts them
to some branches of the document tree. They can then decrypt documents
and have them in plaintext form on their hard disks.

I have tried to find out what AES hardware encryption flash drives can
do and how that might be used to improve things. The Ironkey people
seem more forthcoming than most.

I also heard than NexCopy makes flash drives used for DRM distribution
of files.

Nice features would be:

1. not possible to copy the flash drive.

2. documents are never on hard disk in plaintext form. The viewer is
incapable of storing them there.

3. ability to revoke without co-operation of the revokee.

4. Someone other than the owner cannot use the flash drive to access
files.

5. there is a safe way to give enhanced access to someone without
physical access to their key.

So the questions:

1. what do you know about writing software to interface with enhanced
flash drives? I have not yet found any published apis or even detailed
instruction on how to operate such features manually.

2. have you any thoughts on how a scheme might work.

3. I played with the idea what I could do with a drive with a private
and public key, that could encrypt and decrypt text from the outside,
however, I get the impression, such beasts don't exist, or that such
features are not published.
--
Roedy Green Canadian Mind Products
http://mindprod.com
To err is human, but to really foul things up requires a computer.
~ Farmer's Almanac
It is breathtaking how a misplaced comma in a computer program can
shred megabytes of data in seconds.
 
J

Joshua Cranmer

1. what do you know about writing software to interface with enhanced
flash drives? I have not yet found any published apis or even detailed
instruction on how to operate such features manually.

My guess is that probably involves talking to the device with direct USB
protocols. That, or a library provided by the hardware vendor.
3. I played with the idea what I could do with a drive with a private
and public key, that could encrypt and decrypt text from the outside,
however, I get the impression, such beasts don't exist, or that such
features are not published.

You can basically do what S/MIME does: public key-encryption of the
shared key for the encrypted data, using different shared keys for each
individual data.
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads


Members online

Forum statistics

Threads
473,968
Messages
2,570,153
Members
46,701
Latest member
XavierQ83

Latest Threads

Top