|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Subject: RE: Classified Crypto
From: Trei, Peter (ptrei
rsasecurity.com)Date: Thu Oct 05 2000 - 09:53:44 CDT
- Next message: Ian Goldberg: "Re: Classified Crypto"
- Previous message: Wall, Kevin: "RE: human failings question"
- Maybe in reply to: John Young: "Classified Crypto"
- Next in thread: Dug Song: "Re: Classified Crypto"
- Maybe reply: Trei, Peter: "RE: Classified Crypto"
- Reply: Dug Song: "Re: Classified Crypto"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
It's been a (more or less unused) feature in SecurID for years,
I believe predating Fortezza.
Duress protocols are an old, old thing, and an example of subliminal
channels or steganography. Since usually only a single bit needs
to be transmitted, they are quite easy to set up, and difficult to
detect.
Peter Trei
> ----------
> From: Rich Salz[SMTP:rsalzcaveosystems.com]
> Sent: Thursday, October 05, 2000 9:42 AM
> To: chris stillson
> Cc: coderpunkstoad.com
> Subject: Re: Classified Crypto
>
> > I think the interesting point with this is that hardware can be designed
> to destroy
> > itself with higher voltages (not sure how high). So, use the wrong key,
> and it's now
> > just so much junk. Which makes a lot of sense in millitary applications.
>
> Years ago I saw Fortezza documents that talked about the "duress PIN."
> It could let you login, but would perhaps generate bogons, signal the
> authorities, etc. I think that's very clever. Anyone ever do anything
> like that?
> /r$
>
- Next message: Ian Goldberg: "Re: Classified Crypto"
- Previous message: Wall, Kevin: "RE: human failings question"
- Maybe in reply to: John Young: "Classified Crypto"
- Next in thread: Dug Song: "Re: Classified Crypto"
- Maybe reply: Trei, Peter: "RE: Classified Crypto"
- Reply: Dug Song: "Re: Classified Crypto"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]