surrendering one's passphrase to authorities

David Shaw dshaw at
Wed Mar 4 20:36:01 CET 2009

On Wed, Mar 04, 2009 at 10:38:23AM -0500, vedaal at wrote:
> >Date: Tue, 3 Mar 2009 19:21:46 -0500
> >From: David Shaw <dshaw at>
> >Subject: Re: surrendering one's passphrase to authorities
> >> Folks on this list have said for years that rubber-hose key 
> >extraction
> >> is orders of magnitude faster than brute-force computation.
> >
> >... and cue the XKCD:
> well, here is another aspect of a 'crypto-nerd's' imagination ;-) :
> suppose the goal would be to design an encrypted laptop where even 
> authorities willing to use torture, would concede that the contents 
> are not decryptable and that no information would be obtainable by 
> even the most effective torture, 
> how would one go about it?

Why do you assume they wouldn't torture you anyway?  ("Reveal your
backups to us!"  "I didn't keep backups!"  "We don't believe you!")

After a news story like this, there is often a thread about technical
solutions to the problem (more encryption, better key management,
using hidden partitions that decrypt to pictures of puppies and
flowers instead of the illegal content when a different passphrase is
given, etc).

I suspect things would go rather like this:


More information about the Gnupg-users mailing list