Break-Open One-Shot Password Stores

Ian Batten igb at batten.eu.org
Mon Feb 27 07:42:47 GMT 2012


Fictional films of nuclear missile launch processes show passwords and other key material stored in plastic enclosures which are broken in order to obtain the secret.  The idea presumably is that you can check that the key material has not been accessed without exposing it.  Whether it's true or not, it's a neat way to deal with "break glass" processes for storing the root password to servers, the back-stop copy of your lastpass password for your executor or enduring power of attorney, etc.

Has anyone seen such devices for sale?  It wouldn't be hard to do it yourself with a lucite box and some araldite, but it would probably require a tool to break open and it's hard to be sure that the system doesn't have a back door: presumably the "real" items would be very weak in one plane, so they are easy to break and any force applied to attempt to open them otherwise will break that weak point.

ian




More information about the ukcrypto mailing list