mirror of
https://git.sr.ht/~seirdy/seirdy.one
synced 2024-11-14 17:42:09 +00:00
945 B
945 B
title | date | syndicatedCopies | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|
Lose-able keys are a feature | 2024-09-12T20:30:14-04:00 |
|
In opsec, duress ("rubber-hose") attacks are famously hard to address. Cryptographic keys that cannot be lost have poor protections against duress.
Travelers can leave key fobs at home should they be accosted. A victim of a break-in can conveniently "lose" or smash a hardware key, erasing any encrypted data. Yes, I know about cold-boot attacks; I don't recommend at-risk people to leave things decrypted for long durations. I like the idea of spring-loaded key fobs that can't be left plugged in.
People talking about key fob body implants don't usually plan for removing them in seconds with plausible deniability.