From: mmidboe@cs.uah.edu (Matt Midboe) (Computer Science Dept., Univ. of Alabama-Huntsville)
To: ryan@rtfm.mlb.fl.us (RYAN Alan Porter)
Message Hash: 859f6bb71a41de8d0b14ebf0834e279a2975d90be57254cae927cce567b90c79
Message ID: <9306091731.AA28880@uahcs2.cs.uah.edu>
Reply To: <Pine.3.03.9306082305.B1284-d100000@rtfm>
UTC Datetime: 1993-06-09 17:31:53 UTC
Raw Date: Wed, 9 Jun 93 10:31:53 PDT
From: mmidboe@cs.uah.edu (Matt Midboe) (Computer Science Dept., Univ. of Alabama-Huntsville)
Date: Wed, 9 Jun 93 10:31:53 PDT
To: ryan@rtfm.mlb.fl.us (RYAN Alan Porter)
Subject: CryptoStacker and hiding the key
In-Reply-To: <Pine.3.03.9306082305.B1284-d100000@rtfm>
Message-ID: <9306091731.AA28880@uahcs2.cs.uah.edu>
MIME-Version: 1.0
Content-Type: text
-----BEGIN PGP SIGNED MESSAGE-----
You could put the key in the unused sectors of the drive. Chkdsk will
probably not like that at all, and I imagine some virus scanners. Virus
scanners, there is another problem. Some of them would be useless wouldn't
they, because I think they go around int 13h (since viruses can stealth around
int 13h, right?) so you would need to tell people about that type of problem.
But putting the key in the unused sectors still doesn't provide enough
protection. What is the problem with just having a regular key file, and when
the user boots up the computer it asks them a pass phrase to decrypt the key
file? If they fail wipe the key and force the user to restore the key from a
backup somewhere.
d. saint
-----BEGIN PGP SIGNATURE-----
Version: 2.2
iQBVAgUBLBYeX1gV4u6tNx5/AQE66AIA1NVezgP2BkfZUpot6LMVEzciBDCfl1Kq
d1QbgNpgK3OINAq/IhYimUMotE+oXng59fHJYeWf+/QINxBwPYfx0Q==
=i8F7
-----END PGP SIGNATURE-----
Return to June 1993
Return to “RYAN Alan Porter <ryan@rtfm.mlb.fl.us>”