From: Moji <lordmoji@gmail.com>
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] cryptsetup, LUKS, plausible deniability
Date: Tue, 15 Sep 2009 20:50:07 -0500 [thread overview]
Message-ID: <4AB0444F.4090000@gmail.com> (raw)
In-Reply-To: <20090914205644.GB4432@tansi.org>
Arno Wagner wrote:
> On Mon, Sep 14, 2009 at 01:25:48PM +0200, Mario 'BitKoenig' Holbe wrote:
>> Arno Wagner <arno@wagner.name> wrote:
> [...]
>>> If you want more, use TrueCrypt, but I would be very careful
>>> with plausible deniablility anyways. Your protection is primarily
>>> that they cannot force you to give up your keys. If you live
>>> in a country were they can, I propose to very seriously consider
>>> leaving that country for good. See also http://xkcd.com/538/
>> That's exactly the reason for plausible deniability. You know they are
>> able to force you to give them your key(s), so you prepare some keys to
>> give them (along with some data which makes some sense to be encrypted)
>> and the system gives you the ability to plausibly deny the existence of
>> more keys. Just in the hope they stop cutting your extremities after the
>> 6th finger because you convinced them.
>
> I would say plausible deniability has the potential to make
> them continue even after you have given them everything, after
> all you could have hidden more with the "plausible deniability
> thing".
>
> On a related note, there has been a lot of evidence that
> torture does not work (foremost the French in Aleria, that
> failed to find the headquaters of the resistance for years,
> despite torturing resistance fighters). For one thing people
> are likely to give you false information. This leads me to the
> conclusion that most torturers and their bosses are actually
> not interested in information, but in the cruelty itself.
>
> So I would say that plausible deniability is of very low value
> in practice and may have potential negative value in some
> situations. With plausible deniability they are sure to
> torture you untill you are completely broken, while without
> it, you can give them everything in a way they can actually
> verify. It is possible that you have information that still
> merits being protected under these circumstances, but I don't.
> Plausible deniability basically assumes the life of the person
> having the key is worth less than the information.
Many countries can and do torture people, but this is not true for all
countries.
So I do not think that everything should have to pass the "What if
torture" filter in order for it to be considered a valid idea.
Plausible deniability has legal ramifications that are beneficial in
those more litigious societies, to which many people belong.
This shifts the burden of proof to the opposing attorney/agency to prove
that random data represents information that you are obscuring.
Something that should be cryptologically difficult as long as the
algorithm you used is sound.
-MJ
next prev parent reply other threads:[~2009-09-16 1:50 UTC|newest]
Thread overview: 31+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-09-12 21:53 [dm-crypt] cryptsetup, LUKS, plausible deniability Ivan Stankovic
2009-09-12 22:22 ` Arno Wagner
2009-09-13 8:56 ` Tommaso
2009-09-13 9:07 ` [dm-crypt] OT: spam? Tommaso
2009-09-13 9:12 ` Rick Moritz
2009-09-13 10:00 ` Heinz Diehl
2009-09-13 18:37 ` Arno Wagner
2009-09-13 18:36 ` [dm-crypt] cryptsetup, LUKS, plausible deniability Arno Wagner
2009-09-13 19:44 ` Ivan Stankovic
2009-09-14 3:32 ` Arno Wagner
2009-09-14 7:28 ` Rick Moritz
2009-09-14 21:04 ` Arno Wagner
2009-09-13 18:04 ` Sven Eschenberg
[not found] ` <4AACA98F.2060002@redhat.com>
2009-09-13 18:28 ` Arno Wagner
2009-09-13 18:52 ` Milan Broz
2009-09-14 1:21 ` Sitaram Chamarty
2009-09-14 11:25 ` Mario 'BitKoenig' Holbe
2009-09-14 20:56 ` Arno Wagner
2009-09-14 23:45 ` Mario 'BitKoenig' Holbe
2009-09-15 0:04 ` test532
[not found] ` <6842.57094185359$1253045311@news.gmane.org>
2009-09-16 19:32 ` Mario 'BitKoenig' Holbe
2009-09-16 21:41 ` Debian User
2009-09-17 18:26 ` test532
2009-09-18 1:20 ` Arno Wagner
2009-09-18 4:00 ` test532
[not found] ` <20090915200808.2DD0F4250006@tansi.org>
2009-09-15 20:32 ` Arno Wagner
2009-09-16 19:41 ` Mario 'BitKoenig' Holbe
2009-09-16 21:30 ` Arno Wagner
2009-09-16 1:50 ` Moji [this message]
2009-09-16 19:50 ` Mario 'BitKoenig' Holbe
2009-09-16 21:05 ` test532
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4AB0444F.4090000@gmail.com \
--to=lordmoji@gmail.com \
--cc=dm-crypt@saout.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox