[Cryptography] one-time pads

Kent Borg kentborg at borg.org
Tue Jan 21 08:34:56 EST 2014 

On 01/20/2014 09:42 PM, Philip Shaw wrote:
> I have had the idea of producing something compatible with an SD 
> reader (at least the common open-ended type) but which stores the data 
> embedded inside cardboard or similar material, which can be doped on 
> the outer end with the phosphorous + shielding layer used on 
> strike-anywhere matches, but I haven’t worked out any specifics, and 
> it would probably only be practical to store a KB at most - so useful 
> for a couple of private keys but not much else. It still wouldn’t be 
> deniable, but it would be trivial to destroy in a hurry.

For quick destruction of data I like the idea of using full disk 
encryption (implemented by the computer not the disk drive).

When the mob/swat-team tops the walls, kill the power on the attached 
computer. Sure, RAM will hold keys for a time, so kill the power to the 
warm RAM many seconds before the invaders can reach it with their freeze 
spray.

The key to decrypt the disk needs to be stored somewhere, but can 
imagine a USB flash drive mounted in a device that includes a mechanism 
for crushing the flash chip. Heck, maybe the power also runs through 
this mechanism, too: hit the red button on it and the RAM goes dark as 
the key is crushed. As I think about it, I think I would have the 
destruction mechanism hold dual USB drives running redundantly, tiny 
flash devices like to die for no good reason.

Also, there need to be passphrases known to humans to access the keys on 
the USB drive.

A lot can be stored there. All for cheap, with quick destruction. TBs of 
disk data and GBs of flash data. The weak link, as always, is the larger 
system. The software running on this computer, the hardware, what is 
connected to it, the security of the room where it sits, the procedures 
the humans do or don't follow, etc.

The specific problem of destruction seems pretty easy, as many narrow 
problems are. Ah, but building the larger system that is secure, so hard.


-kb


P. S. Years ago there was a Doonesbury cartoon where Duke was running a 
drug dealing business and talking to a customer on the phone. He asked 
the customer for his account number (to type into an Apple II I seem to 
recall). The customer is aghast that he is keeping records, but he 
dismisses the worry, saying he can destroy the data in seconds and he 
has already looked up the customer's data.

I guess an old 5-1/4 inch floppy can be destroyed pretty quickly if one 
is prepared. Drop it in a container of solvent. (Doesn't work so well 
for a large stack of floppies.) Stinkier and more dangerous than the 
crusher idea above: progress!

More information about the cryptography mailing list