[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Opiated file systems



On 16 Jul 96 at 13:30, Jim Gillogly wrote:

> "Deranged Mutant" <[email protected]> writes:
> >A problem with a c'punk-style encrypted fs with source code and wide 
> >distribution is, of course, that attackers will KNOW that there is a 
> >duress key.
> 
> Good point.  This suggests a design desideratum for any such system should
> be that the user may choose not to have a duress key, maintaining
> semi-plausible deniability for those who choose to have one.

Semi-plausible. (See my other reply to this: an attacker could get 
ahold of the HD and your system, reverse engineer the driver used, to 
see what you're doing; backups of the encrypted partition in case of 
destructive measures are helpful ... they could even return your 
computer to you and take it apart carefully.)

The problem with a duress key is that it relies on "security through 
obscurity".

Rob.

---
No-frills sig.
Befriend my mail filter by sending a message with the subject "send help"
Key-ID: 5D3F2E99 1996/04/22 [email protected] (root@magneto)
        AB1F4831 1993/05/10 Deranged Mutant <[email protected]>
Send a message with the subject "send pgp-key" for a copy of my key.