surrendering one's passphrase to authorities
David Shaw
dshaw at jabberwocky.com
Wed Mar 4 20:36:01 CET 2009
On Wed, Mar 04, 2009 at 10:38:23AM -0500, vedaal at hush.com wrote:
> >Date: Tue, 3 Mar 2009 19:21:46 -0500
> >From: David Shaw <dshaw at jabberwocky.com>
> >Subject: Re: surrendering one's passphrase to authorities
>
> >> Folks on this list have said for years that rubber-hose key
> >extraction
> >> is orders of magnitude faster than brute-force computation.
> >
> >... and cue the XKCD: http://www.xkcd.com/538/
>
>
> well, here is another aspect of a 'crypto-nerd's' imagination ;-) :
>
> suppose the goal would be to design an encrypted laptop where even
> authorities willing to use torture, would concede that the contents
> are not decryptable and that no information would be obtainable by
> even the most effective torture,
> how would one go about it?
Why do you assume they wouldn't torture you anyway? ("Reveal your
backups to us!" "I didn't keep backups!" "We don't believe you!")
After a news story like this, there is often a thread about technical
solutions to the problem (more encryption, better key management,
using hidden partitions that decrypt to pictures of puppies and
flowers instead of the illegal content when a different passphrase is
given, etc).
I suspect things would go rather like this:
http://www.mail-archive.com/cryptography@metzdowd.com/msg10391.html
David
More information about the Gnupg-users
mailing list