Idea: Small-volume concealed data storage

Thomas Shaddack shaddack at ns.arachne.cz
Fri Oct 10 22:08:06 PDT 2003


I have mentioned the AT24RF08 chip here a couple of times already. I got an
idea about another application for this nice toy.

For encrypted data storage, the storage of the key is crucial. If the
key is recovered, everything is lost. Remembering 256 (or even 128) bits
is a hassle; a storage medium is subject to potential seizure. The key has
to be protected by a passphrase, which is subject to bruteforcing. The key
has to be destroyed in the event of a dangerous situation detected by the
environmental sensors, or if the passphrase is tried one time too many
(which opens the possibility of a DoS attack, rendering the data
protection scheme unusable by regular intentional destruction of the key).

However, the higher the security we want, the lower the alarm thresholds
we have to set and the higher the probability of a misfire. For convenience
reasons, for most common scenarios where absolute security is not
necessary and some risk is affordable, we need a backup key storage.

The mentioned chip can operate passively, powered from the coil used for
data transfer, in principle the same as an RFID tag. The independence from
any kind of power supply makes it suitable for being built into some
object, including the building itself; the chip and coil may be located
inside a wall, serving as a potential storage for up to 8 kilobits of data
as necessary. It may be put in place at the moment when the building is
built, or during some construction work. Routine kinds of police raids are
quite unlikely to discover this kind of data storage (though the eventual
discovery of a reader device may be a giveaway). XORing the key with an MD5
hash of a memorized keyphrase can further increase security.

This method may also be used for covert exchange of short messages. The
device may be hidden under the carpet or inside a poured concrete floor, and
the reader/writer in the shoes of the conspirators. The simplicity and
robustness of the storage part of the technology could permit long-time
installations "just in case".

Or maybe I am too tired to think in a coherent way.

Maybe it's a good idea. Maybe not (if not, then why?). May be handy at least
for a spy novel writer.
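
The key-masking step the post describes (stored value = key XOR MD5(keyphrase)), as an added example that is not part of the original message. The function names, the sample keyphrases and the 16-byte length check are assumptions of this sketch; the 1024-byte capacity is the post's "8 kilobits".

```python
import hashlib
import hmac
import secrets

CHIP_CAPACITY_BYTES = 8 * 1024 // 8   # "up to 8 kilobits" in the post = 1024 bytes
MD5_LEN = 16                          # an MD5 digest is 128 bits


def _pad(keyphrase: str) -> bytes:
    """Pad derived from the memorized keyphrase (hypothetical helper)."""
    return hashlib.md5(keyphrase.encode("utf-8")).digest()


def mask_key(key: bytes, keyphrase: str) -> bytes:
    """Return the blob to write to the tag: key XOR MD5(keyphrase)."""
    if len(key) != MD5_LEN:
        # Repeating the 16-byte pad over a 32-byte key would let anyone who
        # reads the tag compute blob[:16] ^ blob[16:] == key[:16] ^ key[16:].
        raise ValueError("an MD5 pad covers exactly 128 bits of key")
    return bytes(k ^ p for k, p in zip(key, _pad(keyphrase)))


def unmask_key(blob: bytes, keyphrase: str) -> bytes:
    """XOR is its own inverse, so recovery is the same operation."""
    return mask_key(blob, keyphrase)


def demo() -> dict:
    phrase = "constructed sample keyphrase"   # constructed, not from the post
    key = secrets.token_bytes(16)             # constructed 128-bit data key
    blob = mask_key(key, phrase)
    wrong = unmask_key(blob, "a wrong guess")
    return {
        "fits_on_chip": len(blob) <= CHIP_CAPACITY_BYTES,
        "roundtrip": hmac.compare_digest(unmask_key(blob, phrase), key),
        # A wrong keyphrase still yields 16 well-formed bytes. With a random
        # key the blob alone cannot confirm a guess; a guess can only be
        # checked against data encrypted under the key.
        "wrong_guess_len": len(wrong),
        "wrong_guess_differs": wrong != key,
    }


if __name__ == "__main__":
    print(demo())
```
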




