Hi,

think about the following situation: You are working on a foreign system, you have to expect a keylogger, screenshot-archiver and all such things installed on this system and you do not want or can not stop them.

You have an encrypted file or more than one and want to read them on this corrupted system. Off course all you can read also can be read by the attacker. But I want the attacker to read not more then I could read. So if I use a single password to decrypt everything, then after typing it, everything is readable by the attacker.

A poor solution, but the only think wich came to my mind, was to split the whole bunch of files into small peaces, encrypt them with different passwords. The problem is now to memorize a few hundert passwords....

Solution to this is, that you remember a long passphrase, encrypt every file with a few randomly choosen letters from this passphrase.

In this case, the attacker has to guess your passphrase to decrypt everything. If you only read a small amount of the files, it should be save. The longer you need to find, what you are looking fore, the higher is the risk that the attacker gets enough random letters for guessing the passphrase.

Questions:
1. Is there a better way to choose and remember many passwords?
2. Is there abetter way to only decrypt what you are looking fore and leave the rest unreadable for an attacker showing over your shoulder?
3. Is there a known description in informatic about partially encryption and decryption?


GMarco