Documentation ¶
Overview ¶
Package afis implements Anti-Forensic Information Splitting
The splitter supports secure data destruction crucial for secure on-disk key management. The key idea is to bloat information and therefor improving the chance of destroying a single bit of it. The information is bloated in such a way, that a single missing bit causes the original information become unrecoverable. The theory behind AFsplitter is presented in TKS1.
The interface is simple. It consists of two functions:
Split(data, stripes) Merge(data, stripes)
Split operates on data and returns information splitted data. Merge does just the opposite: uses the information stored in data to recover the original splitted data.
References ¶
AFsplitter reference implementation at http://clemens.endorphin.org/AFsplitter
TKS1 paper at http://clemens.endorphin.org/TKS1-draft.pdf
Index ¶
Examples ¶
Constants ¶
This section is empty.
Variables ¶
var ( ErrMinStripe = errors.New("afis: at least one stripe is required") ErrDataLen = errors.New("afis: data length is not multiple of stripes") )
Errors.
DefaultHash is our default hashing function.
Functions ¶
func Merge ¶
Merge data splitted previously with Split using the default SHA-1 hash.
Example ¶
secretKey := make([]byte, 16) if _, err := io.ReadFull(rand.Reader, secretKey); err != nil { panic(err) } // Split the original data using 4 stripes. scrambled, err := Split(secretKey, 4) if err != nil { panic(err) } // Merge back key, err := Merge(scrambled, 4) if err != nil { panic(err) } if !bytes.Equal(key, secretKey) { panic("merge failed") }
Output:
func MergeHash ¶
MergeHash merges data splitted previously with the selected hash function.
func Split ¶
Split data using the default SHA-1 hash.
Types ¶
This section is empty.