AFsplitter - Anti-forensic Information SplitterThe AFsplitter supports secure data destruction crucial for secure on-disk key management. The key idea is to bloat information and therefor improving the chance of destroying a single bit of it. The information is bloated in such a way, that a single missing bit causes the original information become unrecoverable. The theory behind AFsplitter is presented in TKS1. AFsplitter uses SHA1 as diffusion element.
The interface is simple. It consists of two functions (see af.h):
int AF_split(char *src, char *dst, int blocksize, int blocknumbers); int AF_merge(char *src, char *dst, int blocksize, int blocknumbers);AF_split operates on src and produces information splitted data in dst. src is assumed to be of the length blocksize. The data stripe dst points to must be captable of storing blocksize*blocknumbers. blocknumbers is the data multiplication factor (called l in the TKS1 paper). AF_merge does just the opposite: reproduces the information stored in src of the length blocksize*blocknumbers into dst of the length blocksize.