tech-security archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: cgd and remote keys
On Sat, 5 Jan 2008, Gavan Fantom wrote:
Possibly a better strategy would be for cgd (or something similar) to support
multiple keys for the same partition, and return alternative datasets
depending on which key is given. Plausible deniability tends to work much
better when under duress than not being in a position to give anything. If
you can give them something that is sufficient to convince them that they
have got everything there is to get from you, and that it will be of some
value to them, then you are more likely to escape with your life (or without
a criminal record).
In the case of criminals, presumably some slightly secret information that
you would plausibly encrypt (while the ultra-secret stuff is encrypted with
an auto-destructed key, of which no trace exists). In the case of law
enforcement, presumably some softcore porn or details of swiss bank accounts
which contain trivial amounts of money. Basically, enough to warrant hiding
it from prying eyes, but not enough to get you into deep trouble.
Then there is no way to prove that you have any more keys, and you can deny
it to your heart's content.
TrueCrypt allows for nesting a hidden volume inside a normally
encrypted volume. A trivial implementation of this would not
interact well with an FFS outer encrypted volume, but could
definitely be a good approach for those interested:
http://www.truecrypt.org/docs/?s=hidden-volume
http://www.truecrypt.org/docs/?s=plausible-deniability
--
David/absolute -- www.NetBSD.org: No hype required --
Home |
Main Index |
Thread Index |
Old Index