tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: cgd and remote keys



On Sat, 5 Jan 2008, Gavan Fantom wrote:

Possibly a better strategy would be for cgd (or something similar) to support multiple keys for the same partition, and return alternative datasets depending on which key is given. Plausible deniability tends to work much better when under duress than not being in a position to give anything. If you can give them something that is sufficient to convince them that they have got everything there is to get from you, and that it will be of some value to them, then you are more likely to escape with your life (or without a criminal record).

In the case of criminals, presumably some slightly secret information that you would plausibly encrypt (while the ultra-secret stuff is encrypted with an auto-destructed key, of which no trace exists). In the case of law enforcement, presumably some softcore porn or details of swiss bank accounts which contain trivial amounts of money. Basically, enough to warrant hiding it from prying eyes, but not enough to get you into deep trouble.

Then there is no way to prove that you have any more keys, and you can deny it to your heart's content.

        TrueCrypt allows for nesting a hidden volume inside a normally
        encrypted volume. A trivial implementation of this would not
        interact well with an FFS outer encrypted volume, but could
        definitely be a good approach for those interested:

        http://www.truecrypt.org/docs/?s=hidden-volume
        http://www.truecrypt.org/docs/?s=plausible-deniability

--
                David/absolute       -- www.NetBSD.org: No hype required --



Home | Main Index | Thread Index | Old Index