Two convicted in U.K. for refusal to decrypt data

Brian Mearns mearns.b at
Fri Aug 14 16:38:11 CEST 2009

On Wed, Aug 12, 2009 at 10:46 PM, Joseph Oreste Bruni<jbruni at> wrote:
> Not entirely on topic, but for those using GnuPG (or other encryption
> software), you should always keep abreast of the encryption laws of your
> country.

Has everyone seen the "Vanish" project from University of Washington?

If you haven't you should really give their paper a read, it's pretty
interesting. The basic idea is that the key is random, and no-one
actually needs to "know" it: it's broken up using secret sharing and
dsitributed through a peer-to-peer network. The recipient can retrieve
the shares and reconstruct the key for a one-time decryption, but over
time, the shares should naturally leave the network and eventually the
key is lost completely.

I have my doubts, but I'm open to the possibility that it could work,
and I'm very interested to see how law-enforcement will respond if it
does. Will they force all p2p nodes to log everything, try to monitor
networks themselves, or just plain make the system illegal?

Feel free to contact me using PGP Encryption:
Key Id: 0x3AA70848
Available from:

More information about the Gnupg-users mailing list