[Beowulf] $1,279-per-hour, 30,000-core cluster built on Amazon EC2 cloud
Lux, Jim (337C)
james.p.lux at jpl.nasa.gov
Tue Oct 4 13:48:00 PDT 2011
> -----Original Message-----
> From: Robert G. Brown [mailto:rgb at phy.duke.edu]
> Sent: Tuesday, October 04, 2011 1:39 PM
> To: Chi Chan
> Cc: Rayson Ho; Lux, Jim (337C); tt at postbiota.org; jtriley at mit.edu; Beowulf List
> Subject: Re: [Beowulf] $1,279-per-hour, 30,000-core cluster built on Amazon EC2 cloud
>
> On Tue, 4 Oct 2011, Chi Chan wrote:
>
> > On Tue, Oct 4, 2011 at 11:58 AM, Rayson Ho <raysonlogin at gmail.com> wrote:
> >> BTW, I've heard horror stories related to routing errors with this
> >> method - truck drivers delivering wrong tapes or losing tapes
> >> (hopefully the data is properly encrypted).
> >
> > I just read this on Slashdot today, it is "very hard to encrypt a
> > backup tape" (really?):
> >
> > http://yro.slashdot.org/story/11/10/04/1815256/saic-loses-data-of-49-million-patients
>
> Not if it is encrypted with a stream cipher -- a stream cipher basically
> xors the data with a bitstream generated from a suitable key in a
> cryptographic-strength pseudorandom number generator (although there are
> variations on this theme). As a result, it can be quite fast -- as fast
> as generating pseudorandom numbers from the generator -- and it produces
> a file that is exactly the size of the original message in length.
>
> There are encryption schemes that expend extraordinary amounts of
> computational energy in generating the stream, and there are also block
> ciphers (which are indeed hard to implement for a streaming tape full of
> data, as they usually don't work so well for long messages). But in the
> end no, it isn't that hard to encrypt a backup tape, provided that you
> are willing to accept the limitation that the speed of
> encrypting/decrypting the stream being written to the tape is basically
> limited by the speed of your RNG (which may well be slower than the
> speed of most fast networks).
>
The reason it wasn't encrypted is almost certainly not because it was difficult to do so for technology reasons. When you see a story about "data being lost or stolen from a car" it's because it was an ad hoc situation. Someone got a copy of the data to do some sort of analysis or to take it somewhere on a one-time basis, and "things went wrong".
Any sort of regular process would normally deal with encryption or security as a matter of course: it's too easy to do it right.
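
The keystream-XOR scheme described in the quoted reply, as an added example that is not part of the original thread: data is XORed chunk by chunk with a keystream, the output is exactly as long as the input, and reusing a key and nonce for a second tape leaks the XOR of the two plaintexts. Assumptions: the keystream is built from HMAC-SHA256 in counter mode as a standard-library stand-in for a vetted stream cipher, and the key, nonce and sample records are constructed values.

```python
import hashlib
import hmac
import io


def keystream(key: bytes, nonce: bytes):
    """Yield 32-byte keystream blocks: HMAC-SHA256(key, nonce || counter)."""
    counter = 0
    while True:
        msg = nonce + counter.to_bytes(8, "big")
        yield hmac.new(key, msg, hashlib.sha256).digest()
        counter += 1


def xor_stream(key, nonce, src, dst, chunk=4096):
    """XOR src with the keystream into dst, chunk by chunk. Returns bytes processed.
    The same call decrypts, because XOR with the same keystream undoes itself."""
    blocks, pad, total = keystream(key, nonce), b"", 0
    while data := src.read(chunk):
        while len(pad) < len(data):          # top up unused keystream
            pad += next(blocks)
        ks, pad = pad[:len(data)], pad[len(data):]
        dst.write(bytes(a ^ b for a, b in zip(data, ks)))
        total += len(data)
    return total


def crypt(key, nonce, data, chunk=4096):
    """Convenience wrapper over in-memory buffers."""
    out = io.BytesIO()
    xor_stream(key, nonce, io.BytesIO(data), out, chunk)
    return out.getvalue()


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


if __name__ == "__main__":
    key, nonce = b"K" * 32, b"tape-0001"     # constructed values
    record = b"patient-record;" * 1000       # constructed sample data
    ct = crypt(key, nonce, record)
    print(len(record), len(ct))              # same length in and out
    print(crypt(key, nonce, ct) == record)   # decrypt = encrypt again
    # Failure mode: reusing (key, nonce) for a second tape leaks p1 XOR p2.
    other = b"different-backup;" * 1000
    leak = xor_bytes(ct, crypt(key, nonce, other))
    print(leak == xor_bytes(record, other))
```

This construction gives confidentiality only; a production backup would use a vetted cipher such as ChaCha20 together with an authentication tag, and a nonce that is never reused under the same key.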