Moving Downstream Across an Air Gap

If a device emits electrons, or operates by electrons, it is dangerous.  So the point about air gapping, an important topic which few seem to focus on, is to break the trail of electrons, upstream and downstream.

Consider the internet-connected device to be compromised, even though we will take standard precautions as to its security.  The cipher text that arrives onto this device will be heavily encrypted, and it may even be hidden.  What we are going to do is print it to a piece of paper.  For example, it might be a PGP-encrypted email.  That PGP-encrypted email may be buried in a photo–to avoid traffic analysis.

Then we will carry that paper to our secure device, and at that device we will scan the document and turn it into readable text.  Then we can begin decryption.

Encrypting and decrypting off-line is the one of the salient features of secure internet communication.

The air-gapped device needs to be distant from the unsecure device, perhaps as much as possible.  It is also needs to be in a place with strong physical security.  A complete absence of Wifi in the area of the air-gapped device is recommended, even though the air-gapped device has no Wifi capability.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s