[IP] One Internet provider's view of FBI's CALEA wiretap push

Thomas Shaddack shaddack at ns.arachne.cz
Fri Apr 23 10:07:03 PDT 2004


> Right, there are at least two workable solutions-
>
> Hard drives with user alterable firmware. I surprised that none of the
> major drive manufacturers seems to have thought about offering a version of
> their controllers, for substantially more money, that offers this.
>
> A retrofit device that screws into the side of the hard drive and is set to
> inject a corrosive that almost instantly destroys the drive surfaces.  The
> device can be triggered by any number of intrusion detectors or a
> voice-activated system keyed to the operators voice print.

Maybe there is also a third solution: a FPGA sitting on the IDE bus
between the disk and the controller (optionally as a PCI controller card),
realtime-encrypting the data with something suitably strong, eg. AES256,
with the key stored in a way that's easy to destroy it - most likely a
self-contained tamper-resistant device that forgets the key under a range
of conditions: if a wrong access code gets entered n times, if a door
sensor detects forced entry, if a kill-switch is pressed, if a machine is
moved without the correct movement-authorizing code is entered before,
anything that fits the threat model. The key itself can be destroyed
pyrotechically (burn, chip, burn), or just let a RAM forget it (where the
RAM may be a battery-backed microcontroller system which shuffles the bits
through a SRAM periodically in order to avoid problems with retention
after power-off; the algorithm then can be chosen in the way that makes it
more difficult to eavesdrop on the electromagnetical emissions and power
consumption variations - a lot of this problematics is already solved by
the secure-smartcards industry).

Optionally, backup of the code is possible in many forms, if the desired
safety/reliability requires recovery from accidental key erase. The key,
being just 256 bits, may be stored in myriads ways, including a m-of-n
scheme where the parts are stored in various places or under control of
different people. Serial EEPROM chips could be suitable as containers, as
they are easy to work with, small, easy to transport and hide; this
requires a degree of security-by-obscurity, but the possibility to require
m chips (or other containers) (which could be under control of other
people, including offshore entities) could alleviate this to certain
degree.





More information about the cypherpunks-legacy mailing list