On 12/22/2006 01:57 PM, Alex Alten wrote: > I'm curious as to why the cops didn't just pull the plugs right away.
Because that would be a Bad Idea. In a halfway-well-designed system, cutting the power would just do the secret-keepers' job for them. > It would probably > take a while (minutes, hours?) to encrypt any significant amount of > data. That's why you don't do it that way. If you want it to work, you use an encrypting disk system so that everything on disk (including swap) is encrypted all the time, and gets decrypted "as needed" when it is read. > Not to > mention, where is the master key? It should be in volatile unswappable RAM. Cutting the power is one way (among many) to obliterate it. Overwriting it with randomness suffices if there is any chance that the RAM might be non-volatile. The time and cost of obliterating a key are negligible. > The guy couldn't have jumped up and typed > in a pass phrase to generate it in handcuffs? That's another reason why you don't do it that way. > Even if it got erased, > it's image could > be recovered from a disk or RAM. My understanding is that even > tamperproof cards > one can get keys from them with the right equipment from the right folks. Once something is gone from RAM, it's really, really gone. The circuit structure and the laws of thermodynamics ensure it. No power on earth can do anything about that. ======================== There are, however, some things the cats can do to improve their chance of success in this cat-and-mouse game. *) For starters, the cats must anticipate the possibility that the mice might try to secure their data. The early-adopter mice benefit from a certain amount of security-through-obscurity, insofar as the cats have not heretofore fully appreciated the possibilities. *) The mice have a dilemma: If they do not cache the passphrase somewhere, they will need to constantly re-enter it, which makes them vulnerable to shoulder-surfing, sophisticated key-loggers, unsophisticated rubber-hose methods, et cetera. Conversely, if the mice do cache the passphrase for long periods of time, there is the possibility that the cats will capture the whole system intact, passphrase and all, and will be able to make a permanent copy of the passphrase before the system realizes that a compromise has occurred. The cats can improve their chances by causing not-too-suspicious power failures and seeing how the mice handle the ensuing passphrase issues. The mice can improve their odds by ensuring good physical security, ensuring personnel reliability, providing easy-to-use panic buttons, rotating their passphrases, and so forth. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
