Cyphernomicon 18.10

Loose Ends and Miscellaneous Topics:
Duress Switches, Dead Man Switches

  18.10.1. "What about "duress" codes for additional security?"
           - Where a harmless decryption can be done, or an alarm sent.
           + Examples
             - sending alarm, like an under the counter alarm button
             - decrypting a bank card number for a lesser-value account
             - two sets of books (not strictly a "duress" code, unless
                you view the IRS as causing duress)
             - alarms to associates, as in cells
           - "Having a separate authentication mechanism that is used
              under duress is a very good idea that some existing systems
              employ....  From a systems point of view, it is hard to
              figure out exactly how the system should respond when it
              recognizes a duress authentication....The safe inside the
              ATM machines used by BayBanks (Boston Mass) can be opened
              with two combinations.  One combination sends an alarm to
              the bank via a separate phone line (not the one used to
              perform the ATM transaction).  The alarm phone line is also
              connected to a conventional panic switch." [Bob Baldwin,
              Duress Passwords/PINs/Combinations, 1993-11-18]
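
A sketch of the two-combination scheme described in the quote above, as an added example that is not part of the original FAQ or of any bank's system. It assumes the duress PIN opens the lock exactly as the normal one does; the names enroll, authenticate and alarm are hypothetical, and alarm stands in for the separate alarm phone line.

```python
import hashlib
import hmac
import os

def _derive(pin: str, salt: bytes) -> bytes:
    # A slow KDF hampers offline guessing of short PINs if the record leaks.
    return hashlib.pbkdf2_hmac("sha256", pin.encode(), salt, 100_000, dklen=32)

def enroll(normal_pin: str, duress_pin: str) -> dict:
    """Build the stored record; both verifiers have the same shape."""
    if hmac.compare_digest(normal_pin.encode(), duress_pin.encode()):
        raise ValueError("duress PIN must differ from the normal PIN")
    salt_n, salt_d = os.urandom(16), os.urandom(16)
    return {"normal": (salt_n, _derive(normal_pin, salt_n)),
            "duress": (salt_d, _derive(duress_pin, salt_d))}

def authenticate(record: dict, pin: str, alarm) -> dict:
    """Return what the person standing at the keypad sees.

    Both verifiers are always evaluated, so response time does not show
    which one matched. A duress match yields the same response as a
    normal match; the only difference is the out-of-band alarm call.
    """
    salt_n, hash_n = record["normal"]
    salt_d, hash_d = record["duress"]
    is_normal = hmac.compare_digest(_derive(pin, salt_n), hash_n)
    is_duress = hmac.compare_digest(_derive(pin, salt_d), hash_d)
    if is_duress:
        try:
            alarm("duress credential used")
        except Exception:
            pass  # a failed alarm must not change what the keypad shows
    return {"unlocked": is_normal or is_duress}

if __name__ == "__main__":
    sent = []                      # constructed stand-in for the alarm line
    rec = enroll("4921", "4929")   # constructed sample PINs
    for pin in ("4921", "4929", "0000"):
        print(pin, authenticate(rec, pin, sent.append), sent)
```
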
  18.10.2. Duress switches, dead man switches, etc.
           + "Digital flash paper," can be triggered to erase files,
             - (BATF and DEA raiders may have sophisticated means of
                disabling computers)
           + Duress codes..."erase my files," ways of not giving escrowed
              information unless proper code is given, etc.
             + "Don't release if I am under indictment"
               - interesting issues about secret indictments, about
                  publicity of such cases, access to court records by
                  offshore computers, etc.
  18.10.3. Personal security for disks, dead man switches
           + I have heard that some BBS operators install dead man
              switches near the doors to rooms containing their
              systems...entering the room without flipping the switch
              causes some action to be taken
             - erasing a disk, dumping a RAM disk (a dangerous way to
                store data, given power failures, soft errors, restarts,

