Re: Opiated file systems
On 16 Jul 96 at 19:21, Mark M. wrote:
A problem with a c'punk-style encrypted fs with source code and wide distribution is, of course, that attackers will KNOW that there is a duress key.
I don't see how this would effect the security of such a filesystem. There is absolutely nothing that an attacker can do to get the real key. An attacker would just ignore all computers that have duress key capability.
1. Confiscate computer (along with physical drive) with duress-capable encrypted file system; 2. back up the encrypted sectors; 3. reverse-engineer file system driver to figure out how the duress-key works, if there are multiple keys, where data is stored; 4. make sure you've rubber-hosed or subpeoned all passphrases or keys; 4a. if the system destroys data, you've got backups ("Very funny kiddo; now give us the real key...") 4b. even if there are two filesystems, the attacker will want access to both, just to make sure... Duress keys rely on a form of security through obscurity. They make sense for real-time situations where the attacker has to rush in, gain access quickly, and leave real fast (ie, bank robberies). If the attacker has plenty of time, he can prepare for that possibility. Rob --- No-frills sig. Befriend my mail filter by sending a message with the subject "send help" Key-ID: 5D3F2E99 1996/04/22 wlkngowl@unix.asb.com (root@magneto) AB1F4831 1993/05/10 Deranged Mutant <wlkngowl@unix.asb.com> Send a message with the subject "send pgp-key" for a copy of my key.
-----BEGIN PGP SIGNED MESSAGE----- In article <199607182148.WAA00324@server.test.net>, Adam Back <aba@dcs.ex.ac.uk> wrote:
ie. the attacker can not tell without the hidden file system key (if one exists) whether the unused space on your drive is really just that: unused space filled with garbage, or whether it is in fact another encrytped filesystem.
They might be suspicious, but I don't think they would be able to claim you were in comptempt of court, if you provide the 1st key and claim there is no other key: the software has support for either 1 or 2 filesystems.
The fixes to the encrypted loopback filesystem support for Linux that I'll be finishing shortly (hopehopehope) incorporate, among other things, the following features: o encrypted filesystems o stego'ing a filesystem in a large (say audio) file Now, what if you do this: Record 1/2 an hour of music from your CD, say at 8k samples/sec, 8 bits/sample, stereo. In the _left_ channel, stego your real filesystem. In the _right_ channel, stego your duress filesystem. If the cops are suspicious that you have a huge sound file on your hard drive and they don't believe that it's just for audio purposes, you could (reluctantly) give up the duress key. Does this have the properties you want? - Ian -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBMfFW2kZRiTErSPb1AQFaEAP+IRZmsZCEsY4IiKU/TW5qta+2Aljly/3X wlW3Rp90idwh58erjY4Lnikk9fvvm0J2gb59eKObSTmAW5JzIwJpfrL00ZMJzCog LsGL+h0HvV4VKUAYomvIZ3MoKXad6tAfIEPuiOYhQvX56my/oLElyKBaUUgKeqOZ MwdM7pPLhbg= =Hesa -----END PGP SIGNATURE-----
Rob <WlkngOwl@unix.asb.com> writes:
On 16 Jul 96 at 19:21, Mark M. wrote:
A problem with a c'punk-style encrypted fs with source code and wide distribution is, of course, that attackers will KNOW that there is a duress key.
I don't see how this would effect the security of such a filesystem. There is absolutely nothing that an attacker can do to get the real key. An attacker would just ignore all computers that have duress key capability.
[attack on duress system]
3. reverse-engineer file system driver to figure out how the duress-key works,
I thought the presumption was that source code was provided (for the duress feature too)? The whole system should be designed to withstand scrutiny as to whether or not there is a duress file system on any given disk, on the assumption that the opponent as full access to the source. ie. the attacker can not tell without the hidden file system key (if one exists) whether the unused space on your drive is really just that: unused space filled with garbage, or whether it is in fact another encrytped filesystem. They might be suspicious, but I don't think they would be able to claim you were in comptempt of court, if you provide the 1st key and claim there is no other key: the software has support for either 1 or 2 filesystems. Adam
participants (3)
-
Adam Back -
Deranged Mutant -
iang@cs.berkeley.edu