plausibly deniable

Faramir at
Fri Jul 23 09:35:09 CEST 2010

Hash: SHA256

Robert J. Hansen escribió:
>> An interrogator as described in this thread is a movie plot threat. In
>> reality, nobody is going to torture you for your key...
> The point is not about torture.  The point is about interrogation.
> Imagine this scenario: you've been sending innocuous encrypted traffic
> to a correspondent.  Unknown to you, your correspondent is involved in
> drug trafficking.  You're arrested on suspicion of drug trafficking and
> brought to speak with the prosecutor.  You happily decrypt your
> innocuous emails.  The prosecutor now asks to see the contents of your
> TrueCrypt container.  You comply, since there's nothing illegal in there
> -- just your tax records (which the prosecutor already has anyway).
> The prosecutor tells you to produce the contents of the hidden
> container.  "But I don't have an encrypted container!"  Prove it.  "I
> can't!"  Then I guess we have no choice but to keep our investigation on

  That scenario is very scary, indeed... At first I thought the
"innocent unless proven guilty" should protect us, that is, it is not
our "job" to prove we don't have a hidden volume, but it's the
prosecutor job to prove we have it. But it's right, in an attempt to
prove there is a hidden volume, the prosecutor can make our lives miserable.

  By the way, do you know if it is possible to have more than one hidden
volume inside a single container? I searched the documentation but
couldn't find anything about that. _If only one_ hidden volume can be
created, then the solution would be to actually create one, and leave it
empty. If the prosecutor ask for it, you can show you don't have any
hidden information there. Of course, doing that, you no longer have
plausibly deniability.

  Best Regards
Version: GnuPG v1.4.10 (MingW32)
Comment: Using GnuPG with Mozilla -


More information about the Gnupg-users mailing list