On 5/3/21, Stefan Claas <spam.trap.mailing.lists@gmail.com> wrote:
a little project I am working on. https://lists.gnupg.org/pipermail/gnupg-users/2021-May/065124.html
-----
Stefan Vasilev stefan.vasilev at posteo.ru
May 3 2021

Here is a little scenario. Alice and Bob need to find a way to do encrypted communications globally. The task is the following:

Alice needs to travel to a foreign country without any devices (laptop, smartphone etc.). At arrival she needs to communicate daily (no real time communications) with Bob to exchange encrypted documents. Alice is not allowed to log in to any services, like her Gmail account, social media etc., to not reveal her login credentials. She can't use Tor, because at her destination Tor is blocked. The only option she has is to use Internet Cafés or public libraries etc. She is aware that at an Internet Café keyloggers may be installed. Last but not least she does not carry any notices on paper with her.

How would you solve this task?
-----

You say the box has been compromised, thus the crypted docs and all app sessions and [meta]data connections happening on the box can be totally captured, and your face at the venue... all such usually lead to failure.

And since you say you have no secure devices, this implies you are forced to use the compromised box to [de]crypt and read/write the plaintext docs, perhaps those also on camera too, all of which are failure.

Nor can you do practical crypto outside the box/venue of entire big daily "docs" with pencil, or in your head.

Your stated problem is unsolvable without access to a secure device.

Get a secure device. Or accept risk of booting your OS on the untrusted hardware. Or use pencil size text "docs" for which you will need a PSK (or a KEX proto which will be even more pencil msg overhead). Or give up and go offline out of band, or out of the country, or revolt.