Somewhat OT, encryption question
Bill Oliver
vendor at billoblog.com
Thu Nov 27 17:01:15 UTC 2014
On Thu, 27 Nov 2014, Robert Moskowitz wrote:
>
> On 11/27/2014 11:34 AM, Bill Oliver wrote:
>> On Wed, 26 Nov 2014, Bruno Wolff III wrote:
>>
>> > On Wed, Nov 26, 2014 at 20:47:25 +0000,
>> > Bill Oliver <vendor at billoblog.com> wrote:
>> > > On Wed, 26 Nov 2014, Bill Oliver wrote:
>> > >
>> > > Actually, let me be more specific. Let's say I have data on a flash
>> > > drive that is encrypted using gpg. We can even say the flash drive
>> > > itself is encrypted.
>> > >
>> > > Now let's say that flash drive is stolen, lost, etc. *and* the
>> > > passphrase is compromised. I want the data on the flash drive to be
>> > > available *only on one computer* even if the passphrase is known.
>> >
>> > If you don't need to decrypt data in the field, you can use public key
>> > encryption. You won't be able to decrypt the data without the private
>> > key. (Which you wouldn't have with you or the flash drive.)
>> >
>> > TPMs provide a way to keep a secret on a computer that can't easily be
>> > extracted (otherwise you could supply the data in an emulated
>> > environment). I don't know if there is anything in Fedora for using say,
>> > luks with a TPM in a way that prevents the TPM info from being sniffed
>> > in a similar manner to how your passphrase is compromised. There has
>> > been some work with using TPMs with luks, but I don't know how the
>> > process works.
>> >
>> > Note, that if this scenario comes about because someone grabs you and
>> > the flash drive, but not your computer, there could be dire consequences
>> > to not being able to decrypt the drive. Particularly if the people
>> > holding don't believe you, when you say you can't decrypt it.
>> >
>>
>> That's part of the point. Were I to be carrying a flash drive, for
>> instance, and be required to provide a passphrase, I need to be able to
>> provide it *and* a cogent, truthful, and believable explanation of why it
>> doesn't work and there's *nothing I can do" to make it work short of
>> returning home and retrieving my computer. There are many situations
>> nowadays where people can be coerced into giving up their passphrases. In
>> the US, this can happen at the border. In other countries, every move you
>> make is under some sort of surveillance, often covert, and getting
>> information in and out can be problematic.
>>
>> What I would like to be able to do is go to a remote site, acquire/select
>> data for my personal access and use at my office, encrypt it using a
>> public key, and then not be able to decrypt it until I got back to my
>> office and put it in *my* computer.
>
> RSA crypto can do this with only your public key traveling.
>
> You encrypt the data with a random AES key. You encrypt your key with your
> RSA public key. Only when you get back home where your private key lives,
> can you decrypt it.
>
> In fact, most email programs that support S/MIME can do this.
>
> Set up an account foo at bar.com with an email client that supports S/MIME.
> Import your public key from your home email into it. Encrypt your document to
> your home email account with your home email public key. You have no way of
> decrypting it until you get home to the computer where your private key
> lives.
>
> All standard stuff. Just need the right email accounts and software.
>
> You will probably need a cert for the foo at bar.com account, but that will only
> be used to sign the source of the email, not encrypt it.
>
>
>
Thanks. I'll read up on that.
billo
More information about the users
mailing list