[Cryptography] Rubber-hose resistance?
Patrick Chkoreff
patrick at rayservers.net
Thu Dec 21 18:54:46 EST 2017
Jerry Leichter wrote on 12/21/2017 05:21 PM:
...
> For the rest of us, probably the best thing to do is to encrypt
> everything before it goes to the device. Destroy the key, and the
> device is logically erased instantly. (Both iPhones and some Android
> devices actually do this.)
Right.
> Of course you run into the "turtles all the way down" problem: If
> you store the key on the device itself ... how do you erase it when
> you can't control what gets written where?
Right. I can tediously ponder any number of software counter-measures,
but they're all vulnerable.
>> I suppose now it's safest just to shred the SSD physically before
>> you return from the trip. Either return with no hard drive or
>> install a spare.
> While the information may be *present* on the drive, getting it out
> requires specialized hardware and techniques. How valuable is this
> information? How serious an attack are you concerned about having to
> survive? -- Jerry
My own threat model is not terribly demanding. I mostly just want to
protect GPG and SSH private keys.
I think you have to physically destroy the device. It's the only way to
be sure. Carry only a disposable device, as Nico and Jeremy have
discussed, such as a Raspberry PI and SD card. I think you can just
destroy the SD card, as I suspect no traces of information will remain
on the PI itself, discounting 4 degree Kelvin attacks on RAM.
-- Patrick
More information about the cryptography
mailing list