3

Purpose: I'd like to shuffle a file system's blocks without loosing space so I thought if I formatted the disk to have exactly 2^32=4bn sectors, then a secure cipher with 32 bit wide data blocks could map all sectors to new ones without wasting place, like a hash map would do due to its collision chances.

yacrc
  • 33
  • 4
  • 2
    See https://crypto.stackexchange.com/questions/8771/is-a-small-size-block-cipher-usable for the danger of a small block size – Eugene Styer Dec 18 '22 at 23:32
  • 3
    Format Preserving Encryption techniques let you use the same technique regardless of the number of blocks, by effectively constructing a keyed permutation of any integer interval. – fgrieu Dec 19 '22 at 06:21
  • The actual purpose will be to shuffle several backups as a protection against ransomware, because if the virus can't match all the copies, I might be able to keep a system alive even during active infection. Yet what if s.b doesn't store >10⁶⁴ data - which is immense? The matching complexity increases exponentially with the number of copies, I assume. – yacrc Dec 19 '22 at 07:12
  • 4
    @yacr: I don't see how encryption or shuffling blocks can be an effective protection against cryptoransomware. The problem is making the data out of reach of the malware (at least, out of of write reach), so that it can't rewrite it encrypted. – fgrieu Dec 19 '22 at 07:28
  • @fgrieu: suppose I created several copies of a disk partition, yet I encrypted both the data and the sector addresses with new keys for each copy. Then I should be able to simply access copies by knowing the keys, yet a cryptoransomware can't so easily find the matching data with billions of sectors in each copy. Unless all copies were damaged, I can periodically reconstruct the data that the virus encrypts. – yacrc Dec 19 '22 at 07:52
  • 1
    The malware can simply damage your data no matter how it is encrypted. – fraxinus Dec 19 '22 at 18:16

1 Answers1

10

A block cipher with any given key is always a permutation. It will map all possible inputs to all possible outputs. If it didn't, and multiple inputs mapped to a single output, then it wouldn't be reversible.

Note that a 32-bit block size is not secure for encryption, as Eugene Styer pointed out in a comment. This is not likely to be an issue if you're only using it to "shuffle" $2^{32}$ sectors. For this, you could use Speck32/64, which is a block cipher with a 32-bit block and a 64-bit key. Again, it is not secure.

forest
  • 15,253
  • 2
  • 48
  • 103