1996-07-18 - Re: Opiated file systems

Header Data

From: “Deranged Mutant” <WlkngOwl@unix.asb.com>
To: jim@ACM.ORG
Message Hash: dac0526959bd872cfae446577d5b7e96eb885498a1e0b33f709ef7478f32bcf4
Message ID: <199607172125.RAA09155@unix.asb.com>
Reply To: N/A
UTC Datetime: 1996-07-18 06:26:46 UTC
Raw Date: Thu, 18 Jul 1996 14:26:46 +0800

Raw message

From: "Deranged Mutant" <WlkngOwl@unix.asb.com>
Date: Thu, 18 Jul 1996 14:26:46 +0800
To: jim@ACM.ORG
Subject: Re: Opiated file systems
Message-ID: <199607172125.RAA09155@unix.asb.com>
MIME-Version: 1.0
Content-Type: text/plain


On 16 Jul 96 at 13:30, Jim Gillogly wrote:

> "Deranged Mutant" <WlkngOwl@unix.asb.com> writes:
> >A problem with a c'punk-style encrypted fs with source code and wide 
> >distribution is, of course, that attackers will KNOW that there is a 
> >duress key.
> 
> Good point.  This suggests a design desideratum for any such system should
> be that the user may choose not to have a duress key, maintaining
> semi-plausible deniability for those who choose to have one.

Semi-plausible. (See my other reply to this: an attacker could get 
ahold of the HD and your system, reverse engineer the driver used, to 
see what you're doing; backups of the encrypted partition in case of 
destructive measures are helpful ... they could even return your 
computer to you and take it apart carefully.)

The problem with a duress key is that it relies on "security through 
obscurity".

Rob.

---
No-frills sig.
Befriend my mail filter by sending a message with the subject "send help"
Key-ID: 5D3F2E99 1996/04/22 wlkngowl@unix.asb.com (root@magneto)
        AB1F4831 1993/05/10 Deranged Mutant <wlkngowl@unix.asb.com>
Send a message with the subject "send pgp-key" for a copy of my key.





Thread