zlacker

[parent] [thread] 7 comments
1. kodah+(OP)[view] [source] 2022-02-08 17:54:11
Keys are conspicuously easy to hide. My PGP master key that I've been using for some time is hidden on two devices which would be difficult to identify much less locate and are encrypted as well.
replies(2): >>pavel_+A1 >>paulpa+f3
2. pavel_+A1[view] [source] 2022-02-08 17:59:44
>>kodah+(OP)
They're easy to hide as long as the federal government isn't trying to tie you to 4.5 billion worth of something.
replies(1): >>kodah+N2
3. kodah+N2[view] [source] [discussion] 2022-02-08 18:04:45
>>pavel_+A1
Even with the fervor of the federal government they'd be easy to hide.

A USB is tiny, and you can shrink its footprint with USB-C. You can also buy USB keys with tamper-proof housings that will blow a fuse if opened to be physically compromised. Coupled with strong post-quantum crypto, that key is relatively secure, even if physically discovered.

That's just the technical bit. You can also split the key in half and transfer the other half somewhere, which creates legal protection. You could also create a housing for the key so it's not easily discoverable.

If all that sounds a bit extra, circle back to that the perpetrator has 4.5 Billion worth of something.

replies(1): >>rootus+Sy
4. paulpa+f3[view] [source] 2022-02-08 18:06:46
>>kodah+(OP)
Strong passwords. AES-256 with even just a 7-word password chosen from a 1000-word dictionary cannot be cracked with existing tech.
replies(2): >>akomtu+2d >>rogers+Fl
5. akomtu+2d[view] [source] [discussion] 2022-02-08 18:47:27
>>paulpa+f3
TBH, with 4B at stake, I wouldn't blindly rely on AES. I'd use it as the 1st step, and then additionally encrypt its output with a custom AES-like algorithm (change the s-box, change the number of rounds, maybe upgrade it to 512 bits). Even if my homebrew algo is weak, there's still standard AES behind it.
replies(1): >>boring+dx
6. rogers+Fl[view] [source] [discussion] 2022-02-08 19:20:39
>>paulpa+f3
You are pushing it. 1000 words is 10 bits of entropy per randomly chosen word. 70 bits of entropy is probably crackable by a government agency.

Edit: I checked and unless I mixed some zeroes somewhere it looks like the current bitcoin hash rate of 200 million TH/s can crack 92 bits within a year. log (200,000,000,000,000,000,000*3600*24*365) / log 2 = 92.35
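
The arithmetic from comments 4 and 6, as an added example that is not part of the original thread: it computes the entropy of a randomly chosen word passphrase, the keyspace a given guess rate covers in a year, and the word count needed to stay above that. It assumes, as the comment does, that one guess costs one hash operation; the function names and the 7776-word list size (the usual Diceware list length) are assumptions of this example.

```python
import math

SECONDS_PER_YEAR = 3600 * 24 * 365   # same year length used in the comment
THREAD_RATE = 200e6 * 1e12           # 200 million TH/s, the figure quoted in the thread


def entropy_bits(dict_size: int, words: int) -> float:
    """Entropy of `words` words drawn uniformly at random from `dict_size` words."""
    return words * math.log2(dict_size)


def bits_searchable(rate: float, seconds: float = SECONDS_PER_YEAR) -> float:
    """log2 of the number of guesses made at `rate` guesses/s over `seconds`."""
    return math.log2(rate * seconds)


def seconds_to_exhaust(dict_size: int, words: int, rate: float) -> float:
    """Worst-case time to try every passphrase (the average case is half of this)."""
    return dict_size ** words / rate


def min_words(dict_size: int, rate: float, years: float, margin_bits: float = 0.0) -> int:
    """Smallest word count whose entropy exceeds what `rate` covers in `years`,
    plus an optional safety margin in bits."""
    target = bits_searchable(rate, years * SECONDS_PER_YEAR) + margin_bits
    return math.ceil(target / math.log2(dict_size))


if __name__ == "__main__":
    print(f"7 words from 1000: {entropy_bits(1000, 7):.2f} bits")
    print(f"searchable in one year at thread rate: {bits_searchable(THREAD_RATE):.2f} bits")
    print(f"exhaust 7x1000 at thread rate: {seconds_to_exhaust(1000, 7, THREAD_RATE):.1f} s")
    for size in (1000, 7776):  # 7776 = assumed Diceware-style list size
        print(f"{size}-word list: need {min_words(size, THREAD_RATE, 1)} words "
              f"to outlast one year")
```

Under this one-hash-per-guess model a slow key-derivation function raises the attacker's cost per guess, which the calculation can reflect by dividing `rate` by that cost.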

7. boring+dx[view] [source] [discussion] 2022-02-08 20:09:40
>>akomtu+2d
Why mess with AES when you can just use another strong algorithm or two? e.g. AES+SERPENT+Twofish, with three separate unrelated keys of course.
8. rootus+Sy[view] [source] [discussion] 2022-02-08 20:16:14
>>kodah+N2
> If all that sounds a bit extra, circle back to that the perpetrator has 4.5 Billion worth of something.

It does sound like a lot of work. I think I'd go with the $5 wrench option.
