[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Full-disclosure] Encrypted files and the 5th amendment
- To: Tim <tim-security@xxxxxxxxxxxxxxxxxxx>
- Subject: Re: [Full-disclosure] Encrypted files and the 5th amendment
- From: Callum Finlayson <callum.finlayson@xxxxxxxxx>
- Date: Tue, 12 Jul 2011 22:36:39 +0100
The point is that it's essentially impossible to whether there's any
encrypted partition present (or how many).
Sent from my iPhone
On 12 Jul 2011, at 22:21, Tim <tim-security@xxxxxxxxxxxxxxxxxxx> wrote:
>>> Tim, I actually use TruCrypt now to do exactly what you speak
>>> of. I pre-allocate a fixed virtual disk, and use one passcode
>>> for one section of data and a different passcode for a different
>>> section of data. It is impossible to determine if the disk is
>>> set up in this manner, and impossible to tell which section of
>>> data is being used. It is actually quite easy to do.
>>>
>>
>> All fine and dandy until the authorities say "Your honor, the
>> defendant
>> is using nested encryption, we didn't find the
>> $self_incriminating_evidence so he obviously hasn't complied with our
>> request".
>>
>> double-edged sword.
>
>
> Yeah, exactly. Any investigator worth their salt will be able to tell
> the partition that got decrypted is not big enough to account for
> encrypted disk space. That's where the one-time pad can create true
> plausible deniability, if used correctly. Any ciphertext of length N
> can decrypt to any plaintext of length N. Too bad it is too much of a
> pain to implement in practice.
>
> Thor: maybe you could make the investigator's job harder through a
> combination of compression and encryption with a similar
> dual-partition scheme as you're using with trucrypt.
>
> tim
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.grok.org.uk/full-disclosure-charter.html
> Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/