Re: root fs/crypted
On Wed, May 30, 2001 at 10:46:19AM +0200, Jan Niehusmann wrote:
> On Wed, May 30, 2001 at 01:08:21AM -0700, firstname.lastname@example.org wrote:
> > Couldn't you say something like "I'm so sorry, I can't remember the pass
> > phrase, my mind has failed me...etc?"
> What about a more provable approach:
> The passphrase could be changed automatically on every system
> boot, and the new passphrase could be written to a floppy disk
> on a clean shutdown (which, of course, is only possible with
> the root password).
> So if the police takes the computer and doesn't do the clean
> shutdown (how could they?), you can tell them: Sorry folks,
> you just destroyed the possibility to get any data from that computer...
> This, of course, means that you lose your data if the computer
This is likely solving the wrong problem, your security is almost never
limited by cryptographic strength, but rather by human factors or other
However, there is a known answer to this particular threat model.
You want UNprovable security, with a duress filesystem.
Set up a cryptographic filesystem where some blocks are filled with encrypted
data, and some are filled with garbage. There are various keys that identify
which parts of the filesystem that are in which filesystem and how to read
them. To use some of the files, you supply just the keys you need, and leave
most of the disk as untouched garbage.
If someone demands that you decrypt your disk, all you can do is provide them
some of the keys, which reveals some of the disk contents, but leaves a lot
of suspiscious garbage left. But since you always have some real garbage
left on the disk, you can't prove that you've told them everything, even
if you wanted to. (This lets you conceal a key or two, since it would
look like you had anyway.)
Don't do this unless your data is quite valuable: The rational police
response is to apply as much pressure as would coerce the most stubborn
suspect, so expect to spend several years in jail for contempt of court
(or your local equivalent) should you get raided with such a thing.
I'm not aware of any actual implementations, unfortunately.
The usual reference for this sort of thing is the cypherpunks list.