[Cryptography] how to detect breakage -- lures etc.??
Alfie John
alfie at alfie.wtf
Sun Dec 29 20:22:44 EST 2019
On 29 Dec 2019, at 19:44, John Denker via cryptography <cryptography at metzdowd.com> wrote:
>
> Question:
> What is "best practice" for detecting breakage
> of a supposedly-secure communication system?
>
> Returning to present day: Suppose my phone were a wholly-pwned subsidiary
> of (say) Unit 61398. How would I know? Would the NSA know? Would they
> tell me?
>
> Then send orders to several submarines directing them to "break off" and
> proceed "forthwith" to rendezvous with a milchcow at such-and-such location.
> This offers a highly tempting target to the opposition. Obviously you do
> not want your subs to go to the indicated location; instead send a long-range
> patrol plane to see if ASW forces show up. If they do, it is a strong
> indication that your cipher is broken.
>
> It is not easy to come up with lures like this, but not impossible. I
> reckon the folks on this list can come up with schemes far cleverer than
> the examples I have given.
>
> Bottom line: What's best practice? It seems kinda unprofessional to put
> a system out there and not check whether it's working.
Thegrugq had a good one a while ago - leave an unprotected Bitcoin wallet on a box,
then monitor the blockchain at your leisure for the coins to be spent.
Alfie
--
Alfie John
https://www.alfie.wtf
More information about the cryptography
mailing list