surrendering one's passphrase to authorities

vedaal at vedaal at
Wed Mar 4 16:38:23 CET 2009

>Date: Tue, 3 Mar 2009 19:21:46 -0500
>From: David Shaw <dshaw at>
>Subject: Re: surrendering one's passphrase to authorities

>> Folks on this list have said for years that rubber-hose key 
>> is orders of magnitude faster than brute-force computation.
>... and cue the XKCD:

well, here is another aspect of a 'crypto-nerd's' imagination ;-) :

suppose the goal would be to design an encrypted laptop where even 
authorities willing to use torture, would concede that the contents 
are not decryptable and that no information would be obtainable by 
even the most effective torture, 
how would one go about it?

possible suggestion:

[1] encrypt the drive to a passphrase and also a smart-card 
(let's dream and make the smart-card 4k rsa or better ;-) )

(and as long as we're dreaming anyway ... ;-) )
[2] allow the smart-card to be identifiable by the laptop as the 
correct one, with a unique identifier code when inserted into the 

[3] enable the smart-card with a data self-erase, and data self-
destruct mechanism, but leaving the identifier intact

[4] once the smart-card has the self-erase and self-destruct 
mechanism activated by the bearer, the laptop bearer can surrender 
the smart-card,
the laptop reads it and reports:

*** smart-card indentity verified ***
*** smart-card passphrase unreadable ***
*** smart-card 'Self-Destruct Hardware' (Tm, copyleft GPL) was 
*** smart-card no longer functional ***
*** decryption no longer possible ***

and while the authorities might be tempted to vengefully harm the 
it would be clear that they would be unable to access the laptop 
through torture


any ads or links below this message are added by hushmail without 
my endorsement or awareness of the nature of the link

Become a medical transcriptionist at home, at your own pace.

More information about the Gnupg-users mailing list