[nzlug] OT: computer read/write access to paper?
Jim Cheetham
jim at gonzul.net
Fri Jun 22 20:26:09 NZST 2007
On 22/06/07, Phillip Hutchings <phillip.hutchings at sitharus.com> wrote:
>
> The theory behind this idea is that the attacker is malicious and has
> almost unlimited resources. It's not a realistic scenario, but I've
Indeed - because if the volume in question is decryptable, it will be
brute-forced at the worst. The largest keylength in this case is one the
same size as the original data.
I suspect that you would enjoy looking at the rubberhose system; where the
defence from brute force is the availability of false decrypt targets. These
obscure the existance of the 'secret' data, not the mechanism of it's
decryption.
http://iq.org/~proff/rubberhose.org/
been pondering it for a while. The main 'requirement' is that if an
> attacker gets the encrypted volume there cannot be a method of getting
> the key.
If you have the encrypted volume and resources to brute-force the plaintext,
you will have the key. If the key has been used elsewhere, you will have
access to that data too (e.g. the Enigma machine "day key")
> My current idea is you put the volume key on a device and encrypt it
> with a one-time key. When the device is mounted the one-time key is
> read from a USB key, the device key is decrypted and a new one-time
> key is stored in memory. The USB drive then gets erased and
> overwritten with random data and the device key is re-encrypted and
> written back. Then the one-time key is held in RAM (locked page or
> something so it doesn't get swapped to disk) and when the device is
> cleanly unmounted the one-time key is written to the USB drive.
You are worrying about technical details of data storage on a filesystem,
but not about the real "risks" of decrypting data in the first place. Why
would a series of one-time keys be better than one very big key? If an
attacker has your encrypted data, it doesn't matter which key was used to
encrypt it; therefore there is no value in re-encrypting it later. If you
don't trust the machine the data is decrypted on ... well, you've lost.
-jim
More information about the NZLUG
mailing list