Disk Partition

vedaal at hush.com vedaal at hush.com
Sun Oct 9 09:11:17 CEST 2005 

>Message: 8
>Date: Sat, 8 Oct 2005 19:45:33 +0200
>From: zvrba at globalnet.hr
>Subject: Re: Disk Partition

>On Sat, Oct 08, 2005 at 08:01:15PM +0400, lusfert wrote:
>> zvrba at globalnet.hr wrote:
>> > On Sat, Oct 08, 2005 at 04:30:41PM +0400, lusfert wrote:

>> > IMHO, There is a problem in that the data looks TOO MUCH 
>random, i.e. it has
>> > much higher entropy than would result by "normal" computer 
>usage. Such high 
>> > entropy is a strong indication that the data is encrypted.

> In some scenarios (when it comes to 
>e.g.
>court cases, or even blackmails or life threats), the person using 
>this
>product in good faith (believing that the encryption really _is_ 
>deniable)
>would be in a very bad position.
>
>Explaining a large quantity of high-entropy data in a plausible 
>manner is
>extremely hard. The presence of such data gives a strong 
>indication of
>encryption. If you argue that you used some "secure delete 
>program",
>then you're _again_ in a bad position because it implies that you 
>have
>to hide something and again raise suspicion.
>
>So, instead of teaching me what kind of software should I use, can 
>you
>please give an example of plausible explanation for large amount 
>of
>high-entropy data on the disk? And have in mind a very determined,
>knowledgeable and resourceful adversary while constructing the 
>explanation.


i don't know about cross-crypt,

but do have experience with truecrypt,
and must say that am surprisingly quite fond of it 


'plausible deniability', is explained in the truecrypt faq,
and is accomplished by using a 'hidden volume' within the
truecrypt container

[1] let the hidden volume be less than 10% of the total container 
volume

[2] do not use more than one truecrypt volume
(unless you have your own very convincing reasons why you need more 
than one ;-)  )

[3]partially fill the truecrypt volume with mildly personal/private 
things
(not really 'secrets', but things that are plausible to want to 
have encrypted, and which you would not mind releasing to the 
authorities,
i.e. your medical history [the authorities can get it anyway ;-) ]

[4] keep the 'real' secrets in the hidden volume

[5] the unused space in the truecrypt volume when the volume is not 
mounted, has the same level of random data as when there is no 
hidden volume, so the presence of a hidden volume is plausibly 
deniable,
and the reason for wanting the other things in the truecrypt volume 
encrypted is satisfactorily explained


btw,

if the truecrypt developers changed their license conditions to 
comply with GPL,
and only 'requested'
that programs that used true-crypt source-code,
forwarded a report to them
(not an unreasonable courtesy),

would that be enough to consider use of true-crypt as part of gnupg 
?

the only things missing from true-crypt are:
smart card support,
the ability to encrypt to a key,
authentication with a key,

this could easily be integrated into a gnupg-truecrypt combination
(possibly without using serpent, or multiple encryption sequences)
without any changes in the algorithms in gnupg/open pgp


vedaal





Concerned about your privacy? Follow this link to get
secure FREE email: http://www.hushmail.com/?l=2

Free, ultra-private instant messaging with Hush Messenger
http://www.hushmail.com/services-messenger?l=434

Promote security and make money with the Hushmail Affiliate Program: 
http://www.hushmail.com/about-affiliate?l=427

More information about the Gnupg-users mailing list