←back to thread

Show HN: Tripwire: A new anti evil maid defense

(github.com)
81 points DoctorFreeman | 2 comments | 11 Dec 25 09:46 UTC | HN request time: 2.118s | source

If you have heard of [Haven](https://github.com/guardianproject/haven), then Tripwire fills in the void for a robust anti evil maid solution after Haven went dormant.

The GitHub repo describes both the concept and the setup process in great details. For a quick overview, read up to the demo video.

There is also a presentation of Tripwire available on the Counter Surveil podcast: https://www.youtube.com/watch?v=s-wPrOTm5qo

Show context
Thorrez ◴[12 Dec 25 18:07 UTC] No.46246795[source]
Instead of deleting the secret on trip, and requiring a re-arm, it could instead derive a new secret on trip, by e.g. hashing the previous secret. That way you don't have to manually re-arm it, and you get a record of all trips.

Say e.g. a bug walks in front of the camera, tripping it. Then 1 hour a later an evil maid comes in and tampers with the system. In my design, you could look at the photo record, see that the 1st trip was a false alarm, then continue looking at the data, and see that the 2nd trip was something real.

Compared to with the current design, the bug would trip it, then you would get no record of the actual evil maid. You would see the photos of the bug tripping it, and think "oh, it's just a false alarm, I don't need to worry", and trust the computer, even though it's tampered with.

replies(2): >>46251957 #>>46265689 #
1. ahazred8ta ◴[14 Dec 25 18:55 UTC] No.46265689[source]
On the TV series The Starlost, security safes had a numeric access code that incremented by 1 after each use.
replies(1): >>46274584 #
2. Thorrez ◴[15 Dec 25 13:56 UTC] No.46274584[source]
Incrementing doesn't provide the security requirement here: given knowledge of a current key, it's not possible to compute a past key. With incrementing, it's easy to compute a past key. With hashing, it's not possible to compute a past key.