[146328] in cryptography@c2.net mail archive

home help back first fref pref prev next nref lref last post

Re: [Cryptography] *** SPAM *** dead man switch [was: Re: Snowden

daemon@ATHENA.MIT.EDU (=?ISO-8859-1?Q?Philipp_G=FChring?=)
Tue Jul 9 03:29:26 2013

X-Original-To: cryptography@metzdowd.com
In-Reply-To: <20130705160726.D5BC9BEE1@snorky.mixmin.net>
From: =?ISO-8859-1?Q?Philipp_G=FChring?= <pg@futureware.at>
Date: Mon, 08 Jul 2013 13:22:20 +0200
To: StealthMonger <StealthMonger@nym.mixmin.net>,cryptography@metzdowd.com
X-MDaemon-Deliver-To: cryptography@metzdowd.com
Cc: Richard Salz <rich.salz@gmail.com>
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com

--===============2564714906267307678==
Content-Type: multipart/alternative; boundary="----NT2BU4TN5PR8OMUAW0X1B8KFZSD1JX"

------NT2BU4TN5PR8OMUAW0X1B8KFZSD1JX
Content-Type: text/plain;
 charset=UTF-8
Content-Transfer-Encoding: 8bit

Hi,

I would suggest Secret Key Splitting (e.g. Shamir's scheme), with an n-out-of-m scheme. Add decryption instructions, give everyone you trust and who is not easily discoverable a share of the key, the complete encrypted backups, and tell them to follow instructions when they believe you are dead or imprisoned. (The instructions could be as easy as "boot your PC from this DVD and keep it running for at least a week". Given enough secret shares, it should work and be interference-safe, and still only be decryptable if n of the m trusted parties collaborate.

Best regards,
Philipp



StealthMonger <StealthMonger@nym.mixmin.net> schrieb:

>Richard Salz <rich.salz@gmail.com> writes:
>
>>> How could it be arranged that "if anything happens at all to Edward
>>> Snowden, he told me he has arranged for them to get access to the
>full
>>> archives"?
>
>> A lawyer or other (paid) confidant was given instructions that would
>> disclose the key.  "Do this if something happens to me."
>
>An adversary can verify an open source robot, but not such
>instructions.
>
>NSA cannot verify a claim that such instructions have been given
>(unless
>they know the lawyer's identity, but in that case they can
>"interfere").
>(On the other hand, NSA cannot afford to assume that such a claim is a
>bluff, and that's the strength of this idea.)
>
>The intended interpretation of the "open source" clause in the original
>problem statement is that anyone could inspect the workings of the
>robot
>and verify that it does indeed "harbor a secret" and that if the signed
>messages stop coming it will indeed release that secret.
>
>(For example, in one implementation -- NOT CRYPTOGRAPHICALLY STRONG --
>a
>secret file's access permissions can only be granted by the robot.)
>
>
>-- 
>
>
> -- StealthMonger <StealthMonger@nym.mixmin.net>
>    Long, random latency is part of the price of Internet anonymity.
>
>   anonget: Is this anonymous browsing, or what?
>http://groups.google.ws/group/alt.privacy.anon-server/msg/073f34abb668df33?dmode=source&output=gplain
>
>   stealthmail: Hide whether you're doing email, or when, or with whom.
>   mailto:stealthsuite@nym.mixmin.net?subject=send%20index.html
>
>
>Key:
>mailto:stealthsuite@nym.mixmin.net?subject=send%20stealthmonger-key
>
>
>
>------------------------------------------------------------------------
>
>_______________________________________________
>The cryptography mailing list
>cryptography@metzdowd.com
>http://www.metzdowd.com/mailman/listinfo/cryptography

------NT2BU4TN5PR8OMUAW0X1B8KFZSD1JX
Content-Type: text/html;
 charset=utf-8
Content-Transfer-Encoding: 8bit

<html><head/><body><html><head></head><body>Hi,<br>
<br>
I would suggest Secret Key Splitting (e.g. Shamir&#39;s scheme), with an n-out-of-m scheme. Add decryption instructions, give everyone you trust and who is not easily discoverable a share of the key, the complete encrypted backups, and tell them to follow instructions when they believe you are dead or imprisoned. (The instructions could be as easy as &quot;boot your PC from this DVD and keep it running for at least a week&quot;. Given enough secret shares, it should work and be interference-safe, and still only be decryptable if n of the m trusted parties collaborate.<br>
<br>
Best regards,<br>
Philipp<br><br><div class="gmail_quote"><br>
<br>
StealthMonger &lt;StealthMonger@nym.mixmin.net&gt; schrieb:<blockquote class="gmail_quote" style="margin: 0pt 0pt 0pt 0.8ex; border-left: 1px solid rgb(204, 204, 204); padding-left: 1ex;">
<pre style="white-space: pre-wrap; word-wrap:break-word; font-family: monospace; margin-top: 0px">Richard Salz &lt;rich.salz@gmail.com&gt; writes:<br /><br /><blockquote class="gmail_quote" style="margin: 0pt 0pt 1ex 0.8ex; border-left: 1px solid #729fcf; padding-left: 1ex;"><blockquote class="gmail_quote" style="margin: 0pt 0pt 1ex 0.8ex; border-left: 1px solid #ad7fa8; padding-left: 1ex;">How could it be arranged that "if anything happens at all to Edward<br />Snowden, he told me he has arranged for them to get access to the full<br />archives"?</blockquote><br />A lawyer or other (paid) confidant was given instructions that would<br />disclose the key.  "Do this if something happens to me."</blockquote><br />An adversary can verify an open source robot, but not such instructions.<br /><br />NSA cannot verify a claim that such instructions have been given (unless<br />they know the lawyer's identity, but in that case they can "interfere").<br />(On the other hand, NSA canno
 t
afford to assume that such a claim is a<br />bluff, and that's the strength of this idea.)<br /><br />The intended interpretation of the "open source" clause in the original<br />problem statement is that anyone could inspect the workings of the robot<br />and verify that it does indeed "harbor a secret" and that if the signed<br />messages stop coming it will indeed release that secret.<br /><br />(For example, in one implementation -- NOT CRYPTOGRAPHICALLY STRONG -- a<br />secret file's access permissions can only be granted by the robot.)<br /><br /></pre></blockquote></div></body></html></body></html>
------NT2BU4TN5PR8OMUAW0X1B8KFZSD1JX--


--===============2564714906267307678==
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
--===============2564714906267307678==--


home help back first fref pref prev next nref lref last post