1996-07-16 - Re: Opiated file systems

Header Data

From: The Deviant <deviant@pooh-corner.com>
To: “Mark O. Aldrich” <maldrich@grci.com>
Message Hash: 6ef6a46b4bf7f861badffca7ae67a76468c66c57d4db227814c4cd6291b7e7a8
Message ID: <Pine.LNX.3.94.960716090027.5360D-100000@switch.sp.org>
Reply To: <Pine.SCO.3.93.960715172915.7563D-100000@grctechs.va.grci.com>
UTC Datetime: 1996-07-16 16:06:39 UTC
Raw Date: Wed, 17 Jul 1996 00:06:39 +0800

Raw message

From: The Deviant <deviant@pooh-corner.com>
Date: Wed, 17 Jul 1996 00:06:39 +0800
To: "Mark O. Aldrich" <maldrich@grci.com>
Subject: Re: Opiated file systems
In-Reply-To: <Pine.SCO.3.93.960715172915.7563D-100000@grctechs.va.grci.com>
Message-ID: <Pine.LNX.3.94.960716090027.5360D-100000@switch.sp.org>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Mon, 15 Jul 1996, Mark O. Aldrich wrote:

> Date: Mon, 15 Jul 1996 17:43:28 -0400 (EDT)
> From: "Mark O. Aldrich" <maldrich@grci.com>
> To: Deranged Mutant <WlkngOwl@unix.asb.com>
> Cc: Adam Back <aba@dcs.ex.ac.uk>, cypherpunks@toad.com
> Subject: Re: Opiated file systems
> 

[Usefull stuff >/dev/null]

> 
> The payload of getting false data out of a crypto algorithm, such that the
> data looks "real", when a duress key is input to the algorithm is not
> something that I've seen approached in any reasonable manner.  Probably
> because it's just too damn hard and the notion of "real looking" data is a
> little hard to define scientifically.  A combination stego/crypto solution
> may be more appropriate, but close examination of the box is going to
> reveal what happened (assuming the desired solution must withstand some
> protracted forensics?).  The nuke_the_data or nuke_the_keys solutions are
> easier to do, and have been implemented in several situations of which I
> am aware.  
> 

But, on the other hand, it wouldn't be to hard to have the user set both
keys (yeah, so that didn't actually say anything, so what...), and then do
an every-other-byte type thing (although that would be slow... every other
block would be more efficient), and have 2 EFS's in one file, and make it
so that on the "duress" one the extra space appears to be "free".

One could make it a real file system, and add a fake disk error to prevent
over-writing of the "non-duress" filesystem.

> 
> ------------------------------------------------------------------------- 
> |Just as the strength of the Internet is  |Mark Aldrich                 |
> |chaos, so the strength of our liberty    |GRCI INFOSEC Engineering     |
> |depends upon the chaos and cacophony of  |maldrich@grci.com            |
> |the unfettered speech the First Amendment|MAldrich@dockmaster.ncsc.mil |
> |protects - District Judge Stewart Dalzell|                             |
> |_______________________________________________________________________|
> |The author is PGP Empowered.  Public key at:  finger maldrich@grci.com |
> |    The opinions expressed herein are strictly those of the author     |
> |         and my employer gets no credit for them whatsoever.           |
> -------------------------------------------------------------------------
> 

This will sound odd, but did you know that "dockmaster" was the name of
the NSA's first unclassified computer? just wondering.... ;)

 --Deviant



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQEVAwUBMetbfTAJap8fyDMVAQGN7Af+Jck2zofxtJOBLuceEhGmaZwoodxGHITb
PrdLwsrYVdWbyzhtmCy9iDm0cMh0BW6dRGXDQWml4Ed0ObAPBwQz4wwpbS+4OOBS
VSsTQ+A5JctbxeaA24XPPCbVOLrCCFaWiNZacSft/hUPDn4etYPKwtVDFfFsKtWF
VohL28TyLAskNUFarKKr1YFVAlZ632XZy9xEDXnNi7lDwj5cSHtCL89Kt0F8qSiq
6Qz+cfWmwpx4Pv/CyenTUHu+Q6orgxSGIY7hBGywcUzm4lRKmOJrzFjqjM3Af4dQ
78lasplnScvu2Pw6ofCxFBHpf0r4DH/XdeKH0BzKoQnBlu8X4bjg0A==
=/T4e
-----END PGP SIGNATURE-----






Thread