Storing Crypto Keys with Invisible Tattoos

Bruce Schneier points to a paper suggesting using UV inks to tattoo keys to secured, implanted medical devices. Despite the legitimate problems involved with securing new devices that increasingly make use of wireless communication to enable richer, simpler monitoring, I can see one gargantuan flaw with this idea.

It is an obvious case of security through obscurity. There are some costs around gaining access to a target and fluorescing the key without tipping your hand. That is all that protects the key, though. The fact that it isn’t visible in ordinary light isn’t much of a protective measure. Maybe clothing alters the equation, somewhat, but I suspect not enough for the determined attacker.

There has to be a better way to allow emergency medial works to access these devices without painting a giant, if invisible, target symbol on your body.

One Reply to “Storing Crypto Keys with Invisible Tattoos”

  1. This may be the only time ever that security through obscurity works.

    This is the only way that I can think of to share a key with n number of people without giving it to everyone in the world. If I were a person who really needed this eg. epileptic, brittle diabetic, an alztimers patient, a person suffering from MS, a person with a mental illness, this would be better than 1. having it unencrypted, 2. having the key available to anyone with a minor interest, or 3. dying because no one could get my info.

Leave a Reply

Your email address will not be published. Required fields are marked *