[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Opiated file systems
On 16 Jul 96 at 13:30, Jim Gillogly wrote:
> "Deranged Mutant" <[email protected]> writes:
> >A problem with a c'punk-style encrypted fs with source code and wide
> >distribution is, of course, that attackers will KNOW that there is a
> >duress key.
>
> Good point. This suggests a design desideratum for any such system should
> be that the user may choose not to have a duress key, maintaining
> semi-plausible deniability for those who choose to have one.
Semi-plausible. (See my other reply to this: an attacker could get
ahold of the HD and your system, reverse engineer the driver used, to
see what you're doing; backups of the encrypted partition in case of
destructive measures are helpful ... they could even return your
computer to you and take it apart carefully.)
The problem with a duress key is that it relies on "security through
obscurity".
Rob.
---
No-frills sig.
Befriend my mail filter by sending a message with the subject "send help"
Key-ID: 5D3F2E99 1996/04/22 [email protected] (root@magneto)
AB1F4831 1993/05/10 Deranged Mutant <[email protected]>
Send a message with the subject "send pgp-key" for a copy of my key.