DJA wrote:
Tracy R Reed wrote:
Dexter Filmore wrote:
A usb stick is basically just a very long password that you have to
keep
written down somewhere. Stick your USB stick into an untrusted
computer,
and your key is compromised, just like a fixed password would be.
If all that can be read is my public key?
But having only your public key on your USB stick does not prove who you
are. You need your private key on there.
Neither does your private key, it only identifies itself. It's just as
useful to a thief as it is to you. The only real security comes with a
password which is known _only_ to its owner. PKI keys, whether public
or private only identify computers, not whoever is sitting in front
that computer, or whoever physically possesses the key.
I guess this is one possible application for blq's idea of a smart usb
stick. Allow the smart usb stick to have its own interface for a usb
keyboard (which you could carry with you) and you can physically enter
your password into the smart usb stick which can then utilize your
encryption keys to send the right stuff to the cpu. You could even
merge the smart usb stick with your keyboard. I'm not familiar with
what would need to be involved in this process, but I would think that
the cpu (local or whatever) can issue a challenge that can only be
answered correctly if the smart usb stick receives (preferably in a
secure manner) the password typed directly into the smart usb stick.
Having a valid key expresses possession, and only implies permission.
Requiring a secret passphrase for every access expresses permission
(the results of torture and/or maiming expressed earlier notwithstanding.
There should be a way to have multiple passphrases, 1st) works without
question, 2nd) immediately performs a secure delete of all applicable
info, 3rd) immediately tries to notify authorities with a silent alarm,
or 4th) some combination of 2 & 3. 2, 3 & 4 can be made to work like 1,
or just appear to work. Or 2, 3, & 4 can be made to work just like 1,
but slower. I wouldn't imagine you could make it too much slower
without arousing suspicion unless maybe it just looked like there were
errors coming from hardware malfuntion or bad connections or whatnot.
--
[email protected]
http://www.kernel-panic.org/cgi-bin/mailman/listinfo/kplug-list
