1
0
Fork 0
mirror of https://git.sr.ht/~seirdy/seirdy.one synced 2024-11-23 21:02:09 +00:00
seirdy.one/content/notes/loseable-keys-are-a-feature.md
2024-09-12 20:39:41 -04:00

15 lines
945 B
Markdown

---
title: "Lose-able keys are a feature"
date: 2024-09-12T20:30:14-04:00
syndicatedCopies:
- title: 'The Fediverse'
url: 'https://pleroma.envs.net/objects/5109b99d-e817-4f79-b9a4-8fe1293e3900'
- title: 'Bluesky'
url: 'https://bsky.app/profile/seirdy.one/post/3l3yptx6w4l22'
---
In opsec, [duress ("rubber-hose") attacks are famously hard to address](https://xkcd.com/538/). Cryptographic keys that cannot be lost have poor protections against duress.
Travelers can leave key fobs at home should they be accosted. A victim of a break-in can conveniently "lose" or smash a hardware key, erasing any encrypted data. Yes, I know about cold-boot attacks; I don't recommend at-risk people to leave things decrypted for long durations. I like the idea of spring-loaded key fobs that can't be left plugged in.
People talking about key fob body implants don't usually plan for removing them in seconds with plausible deniability.