[Cryptography] Rubber-hose resistance?
Matt Palmer
matt at hezmatt.org
Wed Dec 20 00:05:10 EST 2017
On Wed, Dec 20, 2017 at 01:49:28AM +0000, Peter Gutmann wrote:
> Howard Chu <hyc at symas.com> writes:
> >Peter Gutmann wrote:
> >> I cross borders with a wiped-clean laptop and scp in anything
> >> work-related that I need once I get there. That seems to be a common strategy
> >> among IT-savvy travellers who are worried about travelling with
> >> NDA'd/commercially sensitive material.
> >
> >I do this too. But just out of curiosity, what do you use for ssh credentials
> >when traveling?
>
> A password. That's the one thing that's completely deniable (when it's used,
> as in this case, to scp something over from some random server at some random
> IP address).
Do you take into account the possibility of MitM attacks post-border
crossing, by making a record of the remote host key? And if so, how? Or is
your threat model focused on the border itself, and you don't have to worry
so much about on-going attacks thereafter?
- Matt
More information about the cryptography
mailing list