Encryption and risk
Richard Pieri
richard.pieri-Re5JQEeQqe8AvxtiuMwx3w at public.gmane.org
Tue Oct 6 10:56:26 EDT 2009
On Oct 6, 2009, at 10:27 AM, Dan Ritter wrote:
> Everyone seems to be ignoring the real brute force attack:
> rubber-hose cryptanalysis.
I did not ignore it; I simply chose not to address it. But since you
asked... :)

Obviously, no algorithm can be proof against a rubber hose attack.
Securing against rubber hoses is a matter of implementation. One
possible mechanism is something similar to standard code signing
practice with multi-factor authentication. The user has a pass phrase
(virtual key). The site has a hard token of some sort. That token is
stored in a secured area (physical key). The user does not have
access to said secured area and must make a request through physical
security to sign out the token and sign it back in after the code
signing is complete. And, of course, physical security monitors the
checked-out token at all times.
--Rich P.