1996-03-12 - Remailer passphrases

Header Data

From: “Mark M.” <markm@voicenet.com>
To: cypherpunks@toad.com
Message Hash: 5d05d493b0e04221d17191472acc979b78a13eaad5071e3ab7223fbbda16a073
Message ID: <Pine.LNX.3.91.960311201231.205A-100000@gak>
Reply To: <199603111015.LAA10327@kampai.euronet.nl>
UTC Datetime: 1996-03-12 04:24:07 UTC
Raw Date: Tue, 12 Mar 1996 12:24:07 +0800

Raw message

From: "Mark M." <markm@voicenet.com>
Date: Tue, 12 Mar 1996 12:24:07 +0800
To: cypherpunks@toad.com
Subject: Remailer passphrases
In-Reply-To: <199603111015.LAA10327@kampai.euronet.nl>
Message-ID: <Pine.LNX.3.91.960311201231.205A-100000@gak>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Mon, 11 Mar 1996, Gary Howland wrote:

> This of course assumes that the remailer runs as a process - if it doesn't
> then there is no reason a 'remailer helper' cannot.
> 
> The only disadvantage of this is that the remailer cannot be rebooted
> without a passphrase being entered, but then there are ways around this
> (entering the passphrase remotely over a secure link etc., or more
> sophisticated 'remote authorisation' systems).
> 
> The advantage of this is that the password is never on the disk,
> only in memory (which will take serious (read "expensive") to extract).

I don't know that it would be that expensive.  If someone was able to gain
root access to the system, something like "strings /dev/kmem" could narrow
the search for the passphrase down significantly.  Of course one could
obfuscate the passphrase by XOR'ing it with 0x80, but that's only security
through obscrurity.

- --Mark

=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
markm@voicenet.com              | finger -l for PGP key 0xf9b22ba5
http://www.voicenet.com/~markm/ | bd24d08e3cbb53472054fa56002258d5
"The concept of normalcy is just a conspiracy of the majority" -me


-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: noconv

iQCVAwUBMUTQWrZc+sv5siulAQFH4wP/YOY0gxwW/F4+D/kt8cXw47XhldBfd8bK
9jM50XoZLOv9QHs6udtmIro1+2Dkb8eZz8HBn4gn+CVAIqso10LvevGXe8TpZ96p
iO/XRm3LDpkdrt6mHoCC/J679hQ5nJgB0PThsBNl8MpW5mZMF5kZp9RWTosVsY3N
FKGVQQSQ0VA=
=UiDo
-----END PGP SIGNATURE-----





Thread