Sidetracked: secure communications

Archimerged has been sidetracked the past couple of weeks. He was working on the P-V and T-S diagrams for the Ericsson Cycle. They will be in SVG, scalable vector graphics, and use color to show T-S on the same diagram as P-V.

But for various reasons he got temporarily obsessed with anonymity, and was looking at how various anonymous web access systems work. That won’t help keeping his identity secret, since he already signed up on lots of systems without the benefit of an anonymous proxy, but the question is interesting anyway.

Thinking of running a proxy node himself, he realized that he can’t be sure of keeping a private key private. A video camera hidden in the ceiling over his keyboard could grab his passphrase… Then his node is compromised even though he himself didn’t give anyone his key. So what sort of system would he trust to keep a secret?

  • It can’t have any non-volatile storage except ROM.
  • It has to have very simple software and not do very much.
  • It has to be kept inside a faraday cage and be sealed in such a way that any attempt to open the box shorts out the power and erases all memory. (Many years ago Archimerged ran across a similar idea in Atlas Shrugged, just to give credit where it is due without making any endorsement of Ayn Rand.)
  • Two of these systems need to be able to share a secret across an unsecure wire. See http://www.ece.tamu.edu/~noise/research_files/research_secure.htm
  • Anyone should be able to examine the system and know that it has not been tampered with or bugged.

This works for secrets that are temporary and replacable, like session keys. But what about the encryption key for his permanent data storage? For this, he wants a system that permits him to enter a key from memory in a way which cannot be snooped out.

He imagines a small tube-shaped monocular with a color display of perhaps 400×400 pixels that can only be seen by the person looking down the tube, and a button that can be pressed when the cursor points at the proper location.  An image, say of the Mandelbrot set, is displayed, and a cursor jumps at random around the image.  When it lands close to the correct point, the user presses the button and the image zooms in to that point.  The process is continued at higher resolution,  to select additional bits of key.  Once the key is entered, it is transmitted securely to the system which needs it, such as the hard disk encryption device.

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s


%d bloggers like this: