Attacking an offline system

NdK ndk.clanbo at gmail.com
Thu Sep 12 22:03:27 CEST 2013


Il 12/09/2013 19:07, Peter Lebbing ha scritto:

> The filesystem is also still there with this USB-via-serial-port thingy. And on
> the CD.
Nope. W/ Vinculum module you send it commands like "open mickey.txt" and
then "read 1024". The filesystem driver is in the module and your
interface only receives expected data.

You really should define your "security perimeter". Start by asking
yourself how much an attacker is willing to spend to access the data
you're handling. Once you have an answer to this question you can choose
how much you are willing to spend to defend your data.
Plain old password protecting a file is usually enough.
FST-01 token could be useful to have your key easily portable and (w/ a
little work) even add a button to confirm signing.
Smartcards are another good alternative if you need some "certification".
An HSM is much less portable but needed if you need both certification
and speed.

And this just to keep your keys safe. Keeping the whole system safe is a
careful compromise between functionality and security. But all depends
on the answer to the first question.

But rubberhose cryptoanalysis is usually *way* more effective :)

BYtE,
 Diego.



More information about the Gnupg-users mailing list