[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Key backup (was: How do I know . ..)

To: [email protected] (Dr. D.C. Williams)
Subject: Re: Key backup (was: How do I know . ..)
From: Adam Shostack <[email protected]>
Date: Wed, 18 Jan 1995 17:00:41 -0500 (EST)
Cc: [email protected]
In-Reply-To: <[email protected]> from "Dr. D.C. Williams" at Jan 18, 95 12:54:24 pm
Sender: [email protected]

D.C. Williams wrote:

| With barcoding as the standard, another person prints his key on a small
| unmarked card and hides it somewhere deemed to be secure by him. The
| UPC-label attack fails because his keyring isn't disguised as UPC product
| labels. How does the attacker know what to look for?
| 
| True Paranoids could devise some sort of "invisible ink" method,
| requiring UV or heat exposure before the barcode becomes visible.
| Now your backup key looks like a blank sheet of paper. ;-)

	Picking a few nits:

	Putting the UPC's on things other than cards (such as books)
makes it easier to hide in the open.  `UPC' stickers on, say, a few
books are easier to miss than UPC stickers on index cards.

	Invisible ink draws attention to the correct UPC's once they
know you're using it.  See Kahn for a discussion of secret inks being
developed during the second world war.  If you want to hide bits, they
should be stripped of low entropy parts and hidden with a stego
program.

Adam

-- 
"It is seldom that liberty of any kind is lost all at once."
						       -Hume

References:
- Re: Key backup (was: How do I know . ..)
  - From: "Dr. D.C. Williams" <[email protected]>

Prev by Date: Re: EE Times on PRZ
Next by Date: Re: Another problem w/Data Havens...
Prev by thread: Re: Key backup (was: How do I know . ..)
Next by thread: Re: Key backup (was: How do I know . ..)
Index(es):
- Date
- Thread