Somewhat OT, encryption question

[Robert Moskowitz]

On 11/27/2014 11:34 AM, Bill Oliver wrote:
> On Wed, 26 Nov 2014, Bruno Wolff III wrote:
>
>> On Wed, Nov 26, 2014 at 20:47:25 +0000,
>>  Bill Oliver <vendor at billoblog.com> wrote:
>>> On Wed, 26 Nov 2014, Bill Oliver wrote:
>>>
>>> Actually, let me be more specific.  Let's say I have data on a flash
>>> drive that is encrypted using gpg.  We can even say the flash drive
>>> itself is encrypted.
>>>
>>> Now let's say that flash drive is stolen, lost, etc. *and* the
>>> passphrase is compromised.  I want the data on the flash drive to be
>>> available *only on one computer* even if the passphrase is known.
>>
>> If you don't need to decrypt data in the field, you can use public 
>> key encryption. You won't be able to decrypt the data without the 
>> private key. (Which you wouldn't have with you or the flash drive.)
>>
>> TPMs provide a way to keep a secret on a computer that can't easily 
>> be extracted (otherwise you could supply the data in an emulated 
>> environment). I don't know if there is anything in Fedora for using 
>> say, luks with a TPM in a way that prevents the TPM info from being 
>> sniffed in a similar manner to how your passphrase is compromised. 
>> There has been some work with using TPMs with luks, but I don't know 
>> how the process works.
>>
>> Note, that if this scenario comes about because someone grabs you and 
>> the flash drive, but not your computer, there could be dire 
>> consequences to not being able to decrypt the drive. Particularly if 
>> the people holding don't believe you, when you say you can't decrypt it.
>>
>
> That's part of the point.  Were I to be carrying a flash drive, for 
> instance, and be required to provide a passphrase, I need to be able 
> to provide it *and* a cogent, truthful, and believable explanation of 
> why it doesn't work and there's *nothing I can do" to make it work 
> short of returning home and retrieving my computer.  There are many 
> situations nowadays where people can be coerced into giving up their 
> passphrases.  In the US, this can happen at the border.  In other 
> countries, every move you make is under some sort of surveillance, 
> often covert, and getting information in and out can be problematic.
>
> What I would like to be able to do is go to a remote site, 
> acquire/select data for my personal access and use at my office, 
> encrypt it using a public key, and then not be able to decrypt it 
> until I got back to my office and put it in *my* computer.

RSA crypto can do this with only your public key traveling.

You encrypt the data with a random AES key.  You encrypt your key with 
your RSA public key.  Only when you get back home where your private key 
lives, can you decrypt it.

In fact, most email programs that support S/MIME can do this.

Set up an account foo at bar.com with an email client that supports 
S/MIME.  Import your public key from your home email into it. Encrypt 
your document to your home email account with your home email public 
key.  You have no way of decrypting it until you get home to the 
computer where your private key lives.

All standard stuff.  Just need the right email accounts and software.

You will probably need a cert for the foo at bar.com account, but that will 
only be used to sign the source of the email, not encrypt it.



>
> The personal danger really isn't all that great, as long as you stay 
> out of Islamic countries, and go around with an escort (the latter 
> being the key).  In doing this for 30 years -- for the US military, 
> for a state police agency, as an academic, and for the occasional NGO, 
> I've only been directly and realistically threatened with death three 
> times (not including the general threat of being in an active 
> theater).  All three were in the US, two involving gangs and one 
> involving a distraught parent who accused us of covering up the murder 
> of his daughter and decided to even things out with a shotgun.
>
> Frankly, it's more dangerous to be a lawyer for some of these people.  
> I remember a case some years ago where I testified about an 
> execution-style murder.  I didn't know anything about the case, 
> really.  When I got into the courtroom and got on the stand, I was a 
> bit surprised.  There were four defendants, and they looked like 
> something out of central casting for a low budget action flick. They 
> had tattoos all over their faces with "MS13" on their foreheads and 
> necks, fu-manchu mustaches, shaved heads and mohawks, etc.
>
> After I got through testifying, I was excused and the judge ordered a 
> recess.  I walked out of the court to the elevator along with a man 
> who had been in the court who I didn't know, but seemed to be involved 
> in the case.  I turned to him and asked, "Hey, that's quite a cast in 
> there.  Do you know the story?  What did these guys do?"
>
> He replied "Well, it's our position they did nothing all, but between 
> you and me, I'm scared shitless.  These are the kind of people who 
> kill you if they don't think you did a good job for them.  And the 
> evidence is pretty clear.  They are going to be convicted."
>
> "Heh.  I gather you're on the defense team, then."
>
> "Yes, God help me."
>
> Happily, my interest in the case stops the minute I walk out the 
> door.  I don't know who they were or how the case turned out.
>
> Interestingly, from a forensic medicine practice perspective, most 
> people are happy for you to just do your job and move on.  I once 
> talked to a forensic pathologist from the Soviet Union back in the day 
> and asked him how he could practice in a country where they played 
> with the truth so much.  Did he get a lot of pressure to change his 
> findings?  He laughed and said not at all.  The Kremlin wanted to know 
> the truth, and he was free to tell it to them no matter how unpleasant 
> it was.  He was one of the few people in Moscow who didn't have to 
> censor what he told people in the Kremlin.  He just couldn't tell 
> anybody else.
>
>
>
> billo
>