Protecting private key on USB flash drive: how to?
vedaal at hush.com
vedaal at hush.com
Fri May 9 20:42:51 CEST 2008
Robert J. Hansen rjh at sixdemonbag.org
wrote on Fri May 9 19:56:51 CEST 2008 :
> The interrogator decides to keep on beating you until you decide
>to turn over the (nonexistent) hidden volume.
>there are times when you very much want to prove
>that you _don't_ have certain data.
>TrueCrypt's design makes these sorts of proofs impossible
not 'impossible'
just *tediously inconvenient* ;-)
for discussion purposes, assume the following:
[1] a 1 gig usb drive
[2] a true-crypt container of 1 gig (actually somewhat less, but
whatever it is, to fill the drive)
[3] a hidden volume of 100 mb
now,
if you know that you are going to a repressive area where you will
be forced to reveal everything and prove that there is nothing left
unrevealed,
then you can:
(a) copy the hidden volume to somewhere else, well out of the
influence of the interrogators, and leave it there until you are
safely home
(b) erase the hidden volume from the truecrypt container
(Peter Guttmann 35 pass, should work fine, considering the next few
steps)
(c) copy whatever convincingly private information you have on the
hidden volume, that you don't mind the interrogators having, into
the truecrypt volume;
(your medical information, SAT scores, parking tickets, tax
returns, etc. ;-)
[all stuff that they can get without you anyway, and verify] )
(d) fill up the rest of the truecrypt container with free open
source programs that you like to take with you, to recreate on
whatever laptop you might want to use,
some excellent space-fillers are:
cygwin components and libraries
grc compilers
ubuntu packages
python programs, libraries and documentation,
any number of downloadable pdf books, videos, or music
(keep them 'legal' ;-) )
etc.
if there is no space left for a hidden volume in the truecrypt
container or on the usb drive,
then there is no possible hidden volume,
something even the interrogator should be able to see ...
(n.b.
this means you can't take a laptop with you,
unless you fill the harddrive the same way
[although not that hard to do if you absolutely must,
and are a film buff,
20 to 40 movies added to what's ordinarily on your laptop,
will easily fill a 160 gig drive] )
caveat:
as Al Pacino said in *The Recruit* :
"Everybody breaks. Don't get caught."
Don't visit these kind of repressive areas in the first place ;-)
vedaal
any ads or links below this message are added by hushmail without
my endorsement or awareness of the nature of the link
--
Click here for great computer networking solutions!
http://tagline.hushmail.com/fc/Ioyw6h4fM6muhkDk7x0ig9hNLfEi1gjJCl016xr3mMjptRcyWn5jOX/
More information about the Gnupg-users
mailing list