surrendering one's passphrase to authorities

David Shaw dshaw at jabberwocky.com
Wed Mar 4 20:36:01 CET 2009


On Wed, Mar 04, 2009 at 10:38:23AM -0500, vedaal at hush.com wrote:
> >Date: Tue, 3 Mar 2009 19:21:46 -0500
> >From: David Shaw <dshaw at jabberwocky.com>
> >Subject: Re: surrendering one's passphrase to authorities
> 
> >> Folks on this list have said for years that rubber-hose key 
> >extraction
> >> is orders of magnitude faster than brute-force computation.
> >
> >... and cue the XKCD: http://www.xkcd.com/538/
> 
> 
> well, here is another aspect of a 'crypto-nerd's' imagination ;-) :
> 
> suppose the goal would be to design an encrypted laptop where even 
> authorities willing to use torture, would concede that the contents 
> are not decryptable and that no information would be obtainable by 
> even the most effective torture, 
> how would one go about it?

Why do you assume they wouldn't torture you anyway?  ("Reveal your
backups to us!"  "I didn't keep backups!"  "We don't believe you!")

After a news story like this, there is often a thread about technical
solutions to the problem (more encryption, better key management,
using hidden partitions that decrypt to pictures of puppies and
flowers instead of the illegal content when a different passphrase is
given, etc).

I suspect things would go rather like this:
http://www.mail-archive.com/cryptography@metzdowd.com/msg10391.html

David



More information about the Gnupg-users mailing list