Key based secure operating system with secure dongle and method, and cryptographic method

摘要

A security interface system creates plausible deniability, and consists of a security interface device having a port for a releasable connection to a PC and to a memory key containing an encrypted operating system, the interface device containing logic to decrypt the memory key and a plaintext bootloader, and a further port for a memory card containing a key. The key is entirely encrypted and appears as random data when inspected. The interface device may have a port(s) for a keyboard and mouse. An encryption and decryption method is described, for decrypting a ciphertext into one of two plaintexts by choice of a key, the choice of which plaintext depending on whether the secret is to be revealed or remain confidential.

主权项

1. A security interface system for plausible deniability of encrypted data, comprising:
a. a first port for connection to a memory key, and a second port for connection to a PC; b. the memory key containing encrypted data, the key removably and operatively connected to the first port; c. circuitry comprising a hub controller for controlling data flows to and from the ports; d. a mass storage controller containing a boot record for the contents of the key and logic to decrypt the key; and e. a bootsector having static pointer traces to encrypted data on the memory key, wherein the bootsector is physically separable from the encrypted data located on the memory key, the separation resulting in removal of static pointer traces pointing to data on the memory key for maintaining plausible deniability wherein the memory key is entirely encrypted, so as to appear as random data without trace of encryption, maintaining plausible deniability when separated from the bootsector.