A non-political issue

Tim May tcmay at got.net
Tue Oct 29 18:51:00 PST 2002


On Tuesday, October 29, 2002, at 04:34  PM, Anonymous via the 
Cypherpunks Tonga Remailer wrote:

> (possible duplicate message)
>
> What technology is available to create a 2048-bit RSA key pair so that:
>
> 1 - the randomness comes from quantum noise

Clicks from a Geiger Counter, Johnson noise, etc. are quantum-based 
events. Feed them into a file to be used for PGP, and voila.

>
> 2 - no one knows the secret part,

Set up a script to copy the private part of the PGP key onto a diskette 
or whatever. Erase the private key from the computer.

Or move the entire computer into the box in #3.

>
> 3 - The secret part is kept in the "box" and it is safe as long as the 
> box is physically secured (expense of securing the box is a don't 
> care).

Lock the above diskette in the box. Or the computer in the box.

>
> 4 - "box" can do high-speed signing (say, 0.1 mS per signature) over 
> some kind of network interface

I don't know about this. Others can say whether today's CPUs can do key 
signings in 0.1 mS.

>
> 5 - you can reasonably convince certain people (that stand to lose a 
> lot and have huge resources) in 1, 2, 3 and 4.

Less doable. Fakery is easy. Even if they personally witnessed the 
above procedures, all sorts of subliminal channels or other sleight of 
hand tricks could be done.



>
> 6 - The operation budget is around $1m (maintenance not included).
>
> 7 - attacker's budget is around $100m
>
> 8 - the key must never be destroyed, so backup is essential.

Backup in the same box? Easy for someone to sabotage or destroy. Or 
steal.

>
> In other words, convincing translation of a crypto problem into 
> physical security problem.
>
>
> It looks like the key gets created on the same box(es) on which it is 
> stored, which all interested parties inspected to any desirable 
> level. Once everyone is comfortable the button gets pressed to 
> create/distribute the key, and then you put goons with AKs around the 
> boxes and pray that no one fucked with the microprocessor ... this may 
> mean buying the components at random.

Good luck.


--Tim May
-- 
Timothy C. May         tcmay at got.net        Corralitos, California
Political: Co-founder Cypherpunks/crypto anarchy/Cyphernomicon
Technical: physics/soft errors/Smalltalk/Squeak/ML/agents/games/Go
Personal: b.1951/UCSB/Intel '74-'86/retired/investor/motorcycles/guns
Recent interests: category theory, toposes, algebraic topology
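
One way to turn Geiger-counter click timings into seed material for key generation, as suggested in the reply to item 1. This is an added example, not part of the original post; the interval-comparison method, the SHA-256 conditioning step, the function names and the sample tick values are all assumptions made here.

```python
import hashlib

def intervals_to_bits(ticks):
    """Map ascending click times (integer timer ticks) to bits.

    Compares non-overlapping pairs of inter-click gaps: 1 if the first gap
    is shorter, 0 if longer. For independent gaps from the same source,
    either order is equally likely. Equal gaps are dropped.
    """
    gaps = [b - a for a, b in zip(ticks, ticks[1:])]
    bits = []
    for i in range(0, len(gaps) - 1, 2):
        first, second = gaps[i], gaps[i + 1]
        if first != second:
            bits.append(1 if first < second else 0)
    return bits

def pack_bits(bits):
    """Pack bits MSB-first into bytes, discarding an incomplete last byte."""
    out = bytearray()
    for i in range(0, len(bits) - 7, 8):
        byte = 0
        for bit in bits[i:i + 8]:
            byte = (byte << 1) | bit
        out.append(byte)
    return bytes(out)

def seed_from_clicks(ticks, min_bits=256):
    """Return a 32-byte seed, refusing to run on too little raw input.

    SHA-256 only conditions the raw bits; it cannot add entropy, so the
    caller must supply at least min_bits extracted bits.
    """
    bits = intervals_to_bits(ticks)
    if len(bits) < min_bits:
        raise ValueError(f"only {len(bits)} raw bits, need {min_bits}")
    return hashlib.sha256(pack_bits(bits)).digest()

# Constructed sample (not real detector output): nine click times in ticks.
SAMPLE_TICKS = [0, 130, 410, 520, 1500, 1610, 1720, 2500, 2590]

if __name__ == "__main__":
    print(intervals_to_bits(SAMPLE_TICKS))
```
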




