[Cryptography] Protecting Private Keys
Jeffrey I. Schiller
jis at mit.edu
Sat Sep 7 16:06:02 EDT 2013
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Sat, Sep 07, 2013 at 03:46:10PM -0400, Jim Popovitch wrote:
> $5k USD to any one of the thousands of admins with access....
Years ago when key escrow and the Clipper were still on the table, I
developed an attack on the key escrow agents. It worked like this:
1. Approach facility, knock on door.
2. To the person who answers: “Here is $1 Million, take a walk.”
3. To anyone else encountered: “Here is $1 Million, go to the
bathroom.”
4. ... (you get the idea).
The fact that the keys would fit on an exabyte tape made exfiltrating
them pretty easy.
A few SSL private keys take even less space.
I have a lot of respect for how Google runs its operation. However, it
wouldn’t be that hard to arrange for an agent to get a job there
(there are very smart people at NSA, and Google likes hiring smart
people :-) ) for the purpose of obtaining keys.
Of course, this is all speculation...
-Jeff
_______________________________________________________________________
Jeffrey I. Schiller
Information Services and Technology
Massachusetts Institute of Technology
77 Massachusetts Avenue Room E17-110A, 32-392
Cambridge, MA 02139-4307
617.910.0259 - Voice
jis at mit.edu
http://jis.qyv.name
_______________________________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iD8DBQFSK4cq8CBzV/QUlSsRAhRiAKCFMtmsTn/8Ov0GzkEZxG/8/iOedACeJEHN
wG0AdNDiIjsmLEwAIL8AVNs=
=vNVD
-----END PGP SIGNATURE-----