From: “Alan (Miburi-san) Wexelblat” <wex@media.mit.edu>
To: cypherpunks@toad.com
Message Hash: f7c002812722075adb89f0166fc769a54cf187b0bcfe0e3a997d1e720072a510
Message ID: <9311241618.AA11764@media.mit.edu>
Reply To: <9311240450.AA01367@toad.com>
UTC Datetime: 1993-11-24 16:19:27 UTC
Raw Date: Wed, 24 Nov 93 08:19:27 PST
From: "Alan (Miburi-san) Wexelblat" <wex@media.mit.edu>
Date: Wed, 24 Nov 93 08:19:27 PST
To: cypherpunks@toad.com
Subject: Give me your password- OR ELSE!
In-Reply-To: <9311240450.AA01367@toad.com>
Message-ID: <9311241618.AA11764@media.mit.edu>
MIME-Version: 1.0
Content-Type: text/plain
It seems like it would be relatively simple to program in a sort of dead-man
switch at the time of creation of the secret key. As with other double-pass
systems, use of the second phrase works once, but either/both sends a silent
alarm and changes the passphrase to get the secret key. If you want to get
fancy, you might even program in a script that, on activation of the 2nd
"duress" phrase would run around re-encrypting everything with a second
private key.
As you can imagine, there are increasing levels of personal security you
might employ. For example, using the duress phrase might be set up to
change the pass-phrase to something *you* don't know but which is known by a
trusted other party (wife, mother, agent/lawyer, etc.). Knowing this phrase
doesn't help them since that phrase can't access your secret until *after*
you've given the duress phrase and the software has disabled your normal
access phrase.
Depends how paranoid you want to be and how valuable your data is, I
guess...
--Alan Wexelblat, Reality Hacker, Author, and Cyberspace Bard
Media Lab - Advanced Human Interface Group wex@media.mit.edu
Voice: 617-258-9168, Pager: 617-945-1842 PUBLIC KEY available by request
"To pleasure!" "To passion!" "To paradise!" "To pain!" "Tonight!"
Return to November 1993
Return to “szabo@netcom.com (Nick Szabo)”