surrendering one's passphrase to authorities

David Shaw dshaw at jabberwocky.com
Tue Mar 3 23:12:23 CET 2009


On Tue, Mar 03, 2009 at 02:31:13PM -0700, Joseph Oreste Bruni wrote:
> http://www.theregister.co.uk/2009/03/03/encryption_password_ruling/
>
> Hi List,
>
> This article caught my eye. One of the things that I gleaned from the  
> article is that it's obvious that law enforcement (at this level) does  
> not have the ability to brute-force crack PGP encrypted data. Instead,  
> the courts are attempting to force the surrender of the passphrase.

Well, maybe.  It's also possible that law enforcement does have the
ability to get into the encrypted data (by some means - I doubt brute
force), but does not want the knowledge of that ability to be made
public.

(Note, incidentally, that this seems to be the "PGP Whole Disk"
product, rather than a PGP message, a la OpenPGP.)

It's an odd case.  Law enforcement *knows* what is on the laptop in
this case.  They saw it there before the computer was powered down
(thus locking the drive).  They are arguing over whether the
protection against self-incrimination (part of the US Bill of Rights,
for those who don't live here) even applies - after all, if law
enforcement already knows what is there, revealing the contents does
not incriminate.

Anyway, I, of course, am not a lawyer.  Instead, here is a discussion
of this case from someone who is:
http://volokh.com/posts/chain_1197670606.shtml

David



More information about the Gnupg-users mailing list