If anyone is interested in participating in the design of a system
that could be used for manual key distribution and/or OTP purposes,
email me. I figure we can talk about our special cases off-list, and
maybe submit the final design to the list for people to take their
best crack at it.
--
On Feb 1, 2006, at 3:50 AM, Travis H. wrote:
On 1/28/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
In our office, we have a shredder that happily
takes CDs and is designed to do so. It is noisy
and cost $500.
Here's one for $40, although it doesn't appear to shred them so much
as make them
I have an Executive Machines EPS-1501X cross-cut
shredder (15 sheet, I think) which also shreds CDs.
And it really shreds them, into about 1/4 x 1
strips. It's no louder than any home/office other
shredder I've used, though it is louder when shredding
CDs.
Jim
--- Travis H. [EMAIL PROTECTED]
On 1/28/06, [EMAIL PROTECTED] [EMAIL PROTECTED] wrote:
In our office, we have a shredder that happily
takes CDs and is designed to do so. It is noisy
and cost $500.
Here's one for $40, although it doesn't appear to shred them so much
as make them pitted:
Eugen Leitl wrote:
Sudden thermal stress (liquid nitrogen, etc) might be good enough to
delaminate, leaving clear disks behind.
Not sure what the data surface is made from but - surely a suitable organic
solvent could remove the paint into suspension leaving a clear plastic disc
and no trace of
Anne Lynn Wheeler wrote:
is there any more reason to destroy a daily key after it as been used
than before it has been used?
That's quite an amusing turn of phrase. There are two ways to
interpret it:
*) If taken literally, the idea of destroying a key _before_ it is
used is truly an
Peter Gutmann wrote:
Jonathan Thornburg [EMAIL PROTECTED] writes:
Melting the CD should work... but in practice that takes a specialized oven
(I seriously doubt my home oven gets hot enough), and is likely to produce
toxic fumes, and leave behind a sticky mess (stuck to the surface of the
John Denker wrote:
That indicates a gross lack of tamper-evident packaging, as discussed
above. The store should never have activated a card that came from a
package that had been tampered with.
if you have seen many of the gift cards in racks at grocery stores ...
they can be skimmed w/o any
John Denker wrote:
-- The best way to _protect_ a key after it has been used is to destroy
it.
-- For keys that have yet been used, a sufficient scheme (not the only
scheme) for many purposes is to package the keys in a way that is
tamper-resistant and verrry tamper-evident.
In our office, we have a shredder that happily
takes CDs and is designed to do so. It is noisy
and cost $500.
--dan
-
The Cryptography Mailing List
Unsubscribe by sending unsubscribe cryptography to [EMAIL PROTECTED]
I forgot to mention in my previous message:
It is worth your time to read _Between Silk and Cyanide_.
That contains an example of somebody who thought really
hard about what his threat was, and came up with a system
to deal with the threat ... a system that ran counter to
the previous
[CD destruction]
| You missed the old standby - the microwave oven.
|
| The disk remains physically intact (at least after the
| 5 seconds or so I've tried), but a great deal of pretty
| arcing occurs in the conductive data layer. Where the
| arcs travel, the data layer is vapourized.
|
| The
Jonathan Thornburg [EMAIL PROTECTED] writes:
Melting the CD should work... but in practice that takes a specialized oven
(I seriously doubt my home oven gets hot enough), and is likely to produce
toxic fumes, and leave behind a sticky mess (stuck to the surface of the
specialized oven).
For no
There are various versions of getting rid of a disk file.
2) Zeroizing the blocks in place (followed by deletion). This
is vastly better, but still not entirely secure, because there
are typically stray remnants of the pattern sitting beside
the nominal track, and a
John Denker wrote:
Dave Howe wrote:
Hmm. can you selectively blank areas of CD-RW?
Sure, you can. It isn't s much different from rewriting any
other type of disk.
Yeah, I know. just unsure how effective blanking is on cd-rw for (say) a pattern
that has been in residence for two
To: cryptography@metzdowd.com; [EMAIL PROTECTED]
Subject: Re: thoughts on one time pads
Jonathan Thornburg [EMAIL PROTECTED] writes:
Melting the CD should work... but in practice that takes a specialized
oven
(I seriously doubt my home oven gets hot enough), and is likely to
produce toxic fumes, and leave
On Thu, Jan 26, 2006 at 06:09:52PM -0800, bear wrote:
[...]
Of course, the obvious application for this OTP material,
other than text messaging itself, is to use it for key
distribution.
Perhaps I missed something, but my impression was that the original
post asked about how a CD full of
Two other problems with using a CD for OTP key material:
1. How to insure physical security for the N years between when you
exchange CDs and the use of a given chunk of keying material? The
single CD system is brittle -- a single black-bag burglary to
copy the CD, and poof, the adversary has
From: Travis H. [EMAIL PROTECTED]
Sent: Jan 26, 2006 6:30 AM
To: cryptography@metzdowd.com
Subject: thoughts on one time pads
...
In this article, Bruce Schneier argues against the practicality of a
one-time pad:
http://www.schneier.com/crypto-gram-0210.html#7
I take issue with some
Jonathan Thornburg wrote:
1. How to insure physical security for the N years between when you
exchange CDs and the use of a given chunk of keying material? The
single CD system is brittle -- a single black-bag burglary to
copy the CD, and poof, the adversary has all your keys for the next
N
Dave Howe wrote:
Hmm. can you selectively blank areas of CD-RW?
Sure, you can. It isn't s much different from rewriting any
other type of disk.
There are various versions of getting rid of a disk file.
1) Deletion: Throwing away the pointer and putting the blocks back
on the free
On Thu, 26 Jan 2006, Adam Fields wrote:
On Thu, Jan 26, 2006 at 06:09:52PM -0800, bear wrote:
[...]
Of course, the obvious application for this OTP material,
other than text messaging itself, is to use it for key
distribution.
Perhaps I missed something, but my impression was that the
John Denker wrote:
One drawback with this is that you have to destroy a whole
disk at a time. That's a problem, because if you have a
whole disk full of daily keys, you want to destroy each
day's key as soon as you are through using it. There
are ways around this, such as reading
In this article, Bruce Schneier argues against the practicality of a
one-time pad:
http://www.schneier.com/crypto-gram-0210.html#7
I take issue with some of the assumptions raised there.
For example, you may have occasional physical meetings with a good
friend, colleague, family member, or
Travis H. wrote:
In this article, Bruce Schneier argues against the practicality of a
one-time pad:
http://www.schneier.com/crypto-gram-0210.html#7
I take issue with some of the assumptions raised there.
[...] Then a $1
CD-ROM would hold enough data for 7 years of communication! [...]
On Thu, Jan 26, 2006 at 05:30:36AM -0600, Travis H. wrote:
[...]
Excuse me? This would in fact be a _perfect_ way to distribute key
material for _other_ cryptosystems, such as PGP, SSH, IPSec, openvpn,
gaim-encryption etc. etc. You see, he's right in that the key
distribution problem is the
On Thu, 26 Jan 2006, Travis H. wrote:
All I've got to say is, I'm on this like stink on doo-doo. Being the
thorough, methodical, paranoid person I am, I will be grateful for any
pointers to prior work and thinking in this area.
You may wish to look at:
Ueli M . Maurer:
On Thu, 26 Jan 2006, Travis H. wrote:
For example, you may have occasional physical meetings with a good
friend, colleague, family member, or former co-worker. Let's say
you see them once every few years, maybe at a conference or a
wedding or a funeral or some other occasion. At such
28 matches
Mail list logo