[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Give me your password- OR ELSE!



It seems like it would be relatively simple to program in a sort of dead-man
switch at the time of creation of the secret key.  As with other double-pass
systems, use of the second phrase works once, but either/both sends a silent
alarm and changes the passphrase to get the secret key.  If you want to get
fancy, you might even program in a script that, on activation of the 2nd
"duress" phrase would run around re-encrypting everything with a second
private key.

As you can imagine, there are increasing levels of personal security you
might employ.  For example, using the duress phrase might be set up to
change the pass-phrase to something *you* don't know but which is known by a
trusted other party (wife, mother, agent/lawyer, etc.).  Knowing this phrase
doesn't help them since that phrase can't access your secret until *after*
you've given the duress phrase and the software has disabled your normal
access phrase.

Depends how paranoid you want to be and how valuable your data is, I
guess...

--Alan Wexelblat, Reality Hacker, Author, and Cyberspace Bard
Media Lab - Advanced Human Interface Group	[email protected]
Voice: 617-258-9168, Pager: 617-945-1842	PUBLIC KEY available by request
"To pleasure!" "To passion!" "To paradise!" "To pain!" "Tonight!"