From: JonWienk@ix.netcom.com
To: cypherpunks@toad.com
Message Hash: 1a1904ba77eea93cc3aa468aab442a3f1372cd682531daa10e1585d7461f07a5
Message ID: <199607201848.LAA07682@dfw-ix10.ix.netcom.com>
Reply To: <199607191718.NAA04087@unix.asb.com>
UTC Datetime: 1996-07-20 20:56:51 UTC
Raw Date: Sun, 21 Jul 1996 04:56:51 +0800
From: JonWienk@ix.netcom.com
Date: Sun, 21 Jul 1996 04:56:51 +0800
To: cypherpunks@toad.com
Subject: Re: Opiated file systems
In-Reply-To: <199607191718.NAA04087@unix.asb.com>
Message-ID: <199607201848.LAA07682@dfw-ix10.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain
Here is an idea for implementing DuressSFS and/or NukeTheData functions on
demand with plausible deniability for all (without all your keys, TLA's wouldn't
know how many encrypted partitions you had:
1. Doing anything with the encrypted file system requires 2 keys.
2. The first key decrypts the FAT (the FAT info is always written to the disk
encrypted) and an encrypted control sector, which is cylinder 0, head 0, sector
JustAfterTheMBRAndPartionTable. This control sector is divided into 16 32-byte
(256-bit) fields or records.
3. If a hash of the key entered matches the undecrypted contents of record 0,
(bytes 0-31) the EFS enters an infinite whole-drive encryption loop, using a
hash of the key provided and any handy entropy, to produce a new key. The EFS
will produce new keys as frequently as possible by hashing any entropy it can
gather while nuking the data on the drive. While this is happening, dummy
messages should be displayed, such as "Starting Windows 95...", "An exception
has ocurred at XXXX:XXXXXXXX Press any key to continue." (when the entropy
stock needs replenishment) or any other reasonably common startup messages.
(NukeTheData) (TM)
4. If the first key is not the NukeTheData key, the EFS prompts for a second
key.
5. After receiving the second key, the EFS hashes it and compares the hash to
the data in the control sector records, and mounts any encrypted logical
drive(s) with matching key hashes.
6. If an incorrect second key is entered X times(X between 3 and 20),
(NukeTheData = True) is assumed, and executed.
Using this system, without the first key, it should be impossible to tell how
many separate encrypted logical drives there are on the disk. Without the second
key(s) the data in the ELD's should be worthless. On bootup, the pass phrase
entry screen should be designed to look exactly like the CMOS bootup password
screen, and no messages indicating the existence of EFS should be displayed
until after a correct 2nd key has been entered. Why advertise your security
measures? Unless "they" have been tipped off to the fact that you use EFS, they
can easily destroy all of the data through ignorance, especially if you have a
PostIt note with the NukeTheData password/phrase (which wouldn't have to be
"good"--you could use "GovtStupid" or something similar) stuck to the side of
your monitor, and keep your mouth shut during interrogation.
Jonathan Wienke
"1935 will go down in history! For the first time a civilized nation has full
gun registration! Our streets will be safer, our police more efficient, and the
world will follow our lead in the future!"
--Adolf Hitler
"46. The U.S. government declares a ban on the possession, sale,
transportation, and transfer of all non-sporting firearms. ...Consider the
following statement: I would fire upon U.S. citizens who refuse or resist
confiscation of firearms banned by the U.S. government."
--The 29 Palms Combat Arms Survey
http://www.ksfo560.com/Personalities/Palms.htm
1935 Germany = 1996 U.S.?
Key fingerprint = 30 F9 85 7F D2 75 4B C6 BC 79 87 3D 99 21 50 CB
Return to July 1996
Return to “JonWienk@ix.netcom.com”