On Tue, Mar 03, 2009 at 01:20:22PM -0500, Perry E. Metzger wrote:
> Adam Fields <cryptography23094...@aquick.org> writes:
> > The privacy issues are troubling, of course, but it would seem trivial
> > to bypass this sort of compulsion by having the disk encryption
> > software allow multiple passwords, each of which unlocks a different
> > version of the encrypted partition.
> This sort of thing has been discussed for a long time, but I doubt
> that would work in practice. Law is not like software. Judges operate
> on reasonableness, not on literal interpretation. If it was reasonably
> obvious that you were using software like that and probably not
> cooperating, the judge would just throw you in jail for contempt of
> court anyway.

I don't see how it would be reasonably obvious, especially if lots of
disk encryption packages started offering multiple partitions as a
transparent option. All you'd see is a bunch of random bits on the
disk and a password prompt.

They ask you for the password, you put up a fight, and then ultimately
relent and give it to them when they insist.

> > When compelled to give out your password, you give out the one that
> > unlocks the partition full of kitten and puppy pictures, and who's to
> > say that's not all there is on the drive?
> Well, it should be clear that any such scheme necessarily will produce
> encrypted partitions with less storage capacity than one with only one
> set of cleartext. You can't magically store 2N bytes in an N byte
> drive -- something has to give. It should therefore be reasonably
> obvious from partition sizes that there is something hidden.

I don't see how you could tell the difference between a virtual 40GB
encrypted padded partition and 2 virtual 20GB ones. Many virtual disk
implementations will pre-allocate the space. Is there some reason why
filling the empty space with random garbage wouldn't mask the fact
that there were actually multiple partitions in there? There's no law
that says your empty disk space has to actually be empty. (Yet.)

> In any case, unless you're really very energetic about it, it will be
> obvious from things like access times and other content clues ("gee,
> why is there nothing in the browser cache from the current year?")
> that what is there is not the "real" partition you use day to day.

I think we're talking about a straight data storage partition here. It
doesn't seem to hard to have something touch random files on a regular
basis. Regardless, that seems like a weak complaint - all you have to
do is log into the other partition once a week and use it to browse
cuteoverload or something. 

But, most importantly, you haven't given a good reason not to offer
this as a standard option. Maybe it wouldn't work, but maybe it

                                - Adam

** Expert Technical Project and Business Management
**** System Performance Analysis and Architecture
****** [ http://www.adamfields.com ]

[ http://workstuff.tumblr.com ] ........... Technology Blog
[ http://www.aquick.org/blog ] ............ Personal Blog
[ http://www.adamfields.com/resume.html ].. Experience
[ http://www.flickr.com/photos/fields ] ... Photos
[ http://www.twitter.com/fields ].......... Twitter
[ http://www.morningside-analytics.com ] .. Latest Venture
[ http://www.confabb.com ] ................ Founder

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majord...@metzdowd.com

Reply via email to