Tollef Fog Heen's blog

After getting up at 0330 this morning (for some value of morning), I am now out travelling again, this time to Portland, Oregon. So far it's been fairly eventless, but I have made some observations. I think I landed in a different terminal in Frankfurt or something like that, since I didn't recognise anything there. Oh well. For some reason, I did not have to go through a secondary security check when coming in. Whether that's because of randomness or the US having changed their policies, I have no idea. Pleasant enough, though.

The other thing that happened in Frankfurt was the woman in the boarding pass check area insisted on seeing a printout of my travel schedule, or rather, that I had a return flight booked. I don't always care about those (what's the point of an "electronic ticket" if you still have to carry around a bit of paper?), but luckily, I managed to find my printout fairly quickly. At Gardermoen, I had already given my hotel address, but the not-so-nice lady demanded I give them again.

What annoys me about all this is not so much the hoops I have to jump through each time, but rather the lack of predictibility. I would be fine with most procedures if they didn't change every three months, seemingly for no other reason than change itself.

I love the mornings where as I am lying in bed, slowly waking up, Karianne moves closer to me so I feel her breathing and the heat from her body.

We got back from Brussles fine, in one piece and all with no beer bottles broken. Yay! Last week passed in a blur and I can't really remember much of what I did, except build some IKEA furniture on Friday, in the revamped server room at Freecode. Went for a walk in the woods on Saturday, as usual, role-playing on Sunday.

Work's been fairly good this week and I have gotten quite a lot useful work done and it feels like the pressure is getting a little bit lighter, at least. Not completely happy about the workload, but it's at least moving in the right direction. On Monday, I was supposed to go out for beers with two old, old friends of mine, but one of them was in London so it ended up not happening, which was just as good since I was quite tired.

Tuesday, I met up with Hege, whom I haven't seen for a couple of years and we chatted about life, the universe and everything. She's changed quite a bit, but I guess people do that when you barely see them between the age of 20-ish and 27 or so.

Wednesday, work and such and then a scout meeting. Good to see the crazy kids again even if it was a bit louder than I wanted and they have their conflicts too. Oh well, it'll work itself out, over time.

Karianne and Odin are doing well, it's fun to hear about her achievements when it comes to him and it's fairly obvious they both enjoy it. I'm going to Portland on the west coast of the US next week, which I have mixed feelings about. It's far to travel, it's being away from Karianne and it's going into the US. One of the things I am looking forward to is picking up some photo equipment I have ordered, so that will be fun to play around with.

It seems like I will be missing out on FOSDEM this year, but since I like Brussels (and their beer), and even more importantly, since Gustav decided to arrange a trip to Brussels. Karianne and I are going, so are Anders, Magni, Gustav (obviously), Ragnar and Kjetil. I think it'll be a great trip with good beer (hey, it's Belgium!) and hopefully some decent food as well. Karianne claims she's there for the chocolate, but Magni has proposed we all try to help Karianne find a beer she likes, as she claims she generally doesn't like beer. More blog postings and maybe pictures will follow.

I am currently working on implementing a cryptographic file system using FUSE. It is different from EncFS and similar in that it just mirrors a normal directory tree, but encrypts the contents of the files as they are read or decrypted as they are written.

My use case is backups. I have some machines where I and only I have access, machines which may contain proprietary information, personal emails and so on. Of course, I want backups of those, so when the hard drives stop working, I don't lose any data. The machine(s) I am backing up to, however are not always machines where I trust all the people with physical access to not make a copy of my data. In addition, I don't want broken hard drives returned under warranty to contain unencrypted data. This use case is the reason for why I'm encrypting on read rather than on write.

I have chosen to use CTR (counter) mode together with AES which should give acceptable security. One of the requirements CTR needs to work well is a nonce, typically 64 bits (for 128 bit AES) which must not ever be used twice. If you use it twice, you leak information about your plaintext, which is, for obvious reasons, bad.

My current design headache is how to choose a good nonce. Ideally, I believe it should be persistent for each version of the file and unique per file. Using the inode number takes up 64 bits (on AMD64 at any take, or when using -D_FILE_OFFSET_BITS=64 on 32 bit platforms). So while this gives me the latter, it doesn't give me the former at all. I am wondering if I should use the inode number modulo 2^32 (effectively choosing the lower 32 bits of the inode number) and then something which is fairly sure to never be the same, such as mtime (or at least the lower 32 bits of it, when time_t becomes 64 bit). The reason for not just choosing a completely random value is I don't want a command like diff file1 file1 to claim there are differences in the file.

My hope was I'd get a great idea on how to solve the problem as part of writing it down. Alas, that hasn't happened, so if you happen to come across a great solution (or a reason to avoid a particular choice), feel free to email me