[Cryptography] one-time pads
Kent Borg
kentborg at borg.org
Tue Jan 21 08:34:56 EST 2014
On 01/20/2014 09:42 PM, Philip Shaw wrote:
> I have had the idea of producing something compatible with an SD
> reader (at least the common open-ended type) but which stores the data
> embedded inside cardboard or similar material, which can be doped on
> the outer end with the phosphorus + shielding layer used on
> strike-anywhere matches, but I haven’t worked out any specifics, and
> it would probably only be practical to store a KB at most - so useful
> for a couple of private keys but not much else. It still wouldn’t be
> deniable, but it would be trivial to destroy in a hurry.

For quick destruction of data I like the idea of using full disk
encryption (implemented by the computer, not the disk drive).

When the mob/SWAT team tops the walls, kill the power on the attached
computer. Sure, RAM will hold keys for a time, so kill the power to the
warm RAM many seconds before the invaders can reach it with their freeze
spray.

The key to decrypt the disk needs to be stored somewhere, but I can
imagine a USB flash drive mounted in a device that includes a mechanism
for crushing the flash chip. Heck, maybe the power also runs through
this mechanism, too: hit the red button on it and the RAM goes dark as
the key is crushed. As I think about it, I think I would have the
destruction mechanism hold dual USB drives running redundantly; tiny
flash devices like to die for no good reason.

Also, there need to be passphrases known to humans to access the keys on
the USB drive.

A lot can be stored there. All for cheap, with quick destruction. TBs of
disk data and GBs of flash data. The weak link, as always, is the larger
system. The software running on this computer, the hardware, what is
connected to it, the security of the room where it sits, the procedures
the humans do or don't follow, etc.

The specific problem of destruction seems pretty easy, as many narrow
problems are. Ah, but building the larger system that is secure, so hard.

-kb

P.S. Years ago there was a Doonesbury cartoon where Duke was running a
drug dealing business and talking to a customer on the phone. He asked
the customer for his account number (to type into an Apple II I seem to
recall). The customer is aghast that he is keeping records, but he
dismisses the worry, saying he can destroy the data in seconds and he
has already looked up the customer's data.

I guess an old 5-1/4 inch floppy can be destroyed pretty quickly if one
is prepared. Drop it in a container of solvent. (Doesn't work so well
for a large stack of floppies.) Stinkier and more dangerous than the
crusher idea above: progress!
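
The key handling described in the message above (a disk key held on two redundant USB tokens, each unlocked by a passphrase, so that losing both tokens leaves the encrypted disk unreadable), as an added example that is not part of the original post. The function names, blob layout and iteration count are assumptions, and the PBKDF2-derived XOR pad with an HMAC tag is a stand-in for the key wrapping a real full disk encryption tool performs.

```python
from __future__ import annotations
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumed work factor, chosen for the example
BLOB_LEN = 16 + 32 + 32  # salt || wrapped key || tag

def _derive(passphrase: str, salt: bytes) -> tuple[bytes, bytes]:
    """Stretch the passphrase into a 32-byte wrapping pad and a 32-byte MAC key."""
    okm = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, ITERATIONS, dklen=64)
    return okm[:32], okm[32:]

def wrap_key(disk_key: bytes, passphrase: str) -> bytes:
    """Build the blob written to one token. A fresh salt makes each copy distinct."""
    if len(disk_key) != 32:
        raise ValueError("disk key must be 32 bytes")
    salt = os.urandom(16)
    pad, mac_key = _derive(passphrase, salt)
    wrapped = bytes(a ^ b for a, b in zip(disk_key, pad))
    tag = hmac.new(mac_key, salt + wrapped, hashlib.sha256).digest()
    return salt + wrapped + tag

def unwrap_key(blob: bytes, passphrase: str) -> bytes | None:
    """Return the disk key, or None for a damaged blob or a wrong passphrase."""
    if len(blob) != BLOB_LEN:
        return None
    salt, wrapped, tag = blob[:16], blob[16:48], blob[48:]
    pad, mac_key = _derive(passphrase, salt)
    expected = hmac.new(mac_key, salt + wrapped, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(a ^ b for a, b in zip(wrapped, pad))

def recover(tokens: list[bytes | None], passphrase: str) -> bytes | None:
    """Try each redundant token in turn; None models a dead or destroyed token."""
    for blob in tokens:
        if blob is not None:
            key = unwrap_key(blob, passphrase)
            if key is not None:
                return key
    return None  # no usable token: the disk key is gone, and the disk with it

if __name__ == "__main__":
    disk_key = os.urandom(32)
    tokens = [wrap_key(disk_key, "constructed passphrase") for _ in range(2)]
    print(recover([None, tokens[1]], "constructed passphrase") == disk_key)
    print(recover([None, None], "constructed passphrase"))
```

The tag check is what lets the second token take over when the first has silently corrupted itself rather than failed outright.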