-
October 29th, 2011, 04:31 AM
#1
Decrypting only needed Parts
Hi,
think about the following situation: You are working on a foreign system, you have to expect a keylogger, screenshot-archiver and all such things installed on this system and you do not want or can not stop them.
You have an encrypted file or more than one and want to read them on this corrupted system. Off course all you can read also can be read by the attacker. But I want the attacker to read not more then I could read. So if I use a single password to decrypt everything, then after typing it, everything is readable by the attacker.
A poor solution, but the only think wich came to my mind, was to split the whole bunch of files into small peaces, encrypt them with different passwords. The problem is now to memorize a few hundert passwords....
Solution to this is, that you remember a long passphrase, encrypt every file with a few randomly choosen letters from this passphrase.
In this case, the attacker has to guess your passphrase to decrypt everything. If you only read a small amount of the files, it should be save. The longer you need to find, what you are looking fore, the higher is the risk that the attacker gets enough random letters for guessing the passphrase.
Questions:
1. Is there a better way to choose and remember many passwords?
2. Is there abetter way to only decrypt what you are looking fore and leave the rest unreadable for an attacker showing over your shoulder?
3. Is there a known description in informatic about partially encryption and decryption?
GMarco
-
November 2nd, 2011, 12:51 AM
#2
Re: Decrypting only needed Parts
Originally Posted by GMarco
Solution to this is, that you remember a long passphrase, encrypt every file with a few randomly choosen letters from this passphrase.
This is tantamount to just using short passphrases, likely decreasing the strength of the encryption. Furthermore, you still need to remember which "randomly choosen letters" are for which files, because you cannot enter the entire long passphrase anyway.
That said, I think your assessment is correct: you do need as many passphrases as there are units of ciphertext that you wish to decrypt separately. In an extreme case where you want say, each character or even each bit of ciphertext to be decrypted separately, then you might as well go for an old school one time pad system and lug around a pad material book whose contents are entered to the computer when needed.
-
November 3rd, 2011, 05:15 AM
#3
Re: Decrypting only needed Parts
You do not need to remember wicht randomly choosen letters for wich file, because you can save the letter numbers with the encrypted file without giving too much info to the attacker.
One time pad with the first 1000 numbers of pi or some parts of the bible also came to my mind, but the problem with this is, that there ar not very many very long phrases. Count all poems, rememberable parts of your favourite book, etc. ... You need at least 2^80 different possbile Passphrases to gain security. Is this possible?
"One time pad by brain" :-) this would be cool, but my fear is, that this will not be possible...
GMarco
Last edited by GMarco; November 3rd, 2011 at 05:21 AM.
-
November 3rd, 2011, 05:24 AM
#4
Re: Decrypting only needed Parts
Originally Posted by GMarco
One time pad with the first 1000 numbers of pi or some parts of the bible also came to my mind, but the problem with this is, that there ar not very many very long phrases. Count all poems, rememberable parts of your favourite book, etc. ... You need at least 2^80 different possbile Passphrases to gain security. Is this possible?
Generate the pad material using some random source. Print a copy and send it over, e.g., by mail. The recipient uses only those parts of the pad material that is needed to decrypt the ciphertext. Since the pad material corresponding to the other parts of the ciphertext is not entered to the compromised computer, they remain securely encrypted.
By the way, is this something you are trying to do in practice, or merely an academic exercise?
EDIT:
Originally Posted by GMarco
You do not need to remember wicht randomly choosen letters for wich file, because you can save the letter numbers with the encrypted file without giving too much info to the attacker.
That is true, if you treat the passphrase as a one time pad.
Last edited by laserlight; November 3rd, 2011 at 05:28 AM.
-
November 4th, 2011, 02:30 AM
#5
Re: Decrypting only needed Parts
Hi,
----
By the way, is this something you are trying to do in practice, or merely an academic exercise?
-----
Its not academic, I do this in practise, and it is not like in email. Maybe I described it the wrong way. The really important point to me is to *remember* many passwords. Typical One time pad is far to much security wich is not really necessary in this case.
I wrote some data like kind of a diary wich is encrypted to prevent it from been read by someone else. I do not want to send it to somebody. I just want to be able to carry the data on an USB-Stick and read parts of it without revealing the rest of the data.
GMarco
-
November 4th, 2011, 02:50 AM
#6
Re: Decrypting only needed Parts
Ah, now I understand. The thing is, unless you have a very good memory or few units of ciphertext that you want to decrypt separately, you probably will not be able to remember them all. The use of a password manager will also fail. I think that a printed sheet will work, or if you have a phone or tablet computer at hand, use that instead. (Then again, if you have a tablet computer, you should just use that instead of a potentially compromised computer.)
Tags for this Thread
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
Click Here to Expand Forum to Full Width
|