Depends on what you want to avoid.I don't think there is much danger of severe torture, but I don't think "innocent-until-proven-guilty" applies either, and suspicion should be minimised or avoided.
Best solution for software is dual-use - 7-zip for file encryption, standard s/mime capable email software (such as thunderbird or even outlook express) for pki. However, encrypted emails are *always* going to stick out like a sore thumb if intercepted, and even the output of most stego packages will look suspect (unless your aid worker is in the habit of sending large numbers of digital photos by email. This could be arranged - get him to take new, original photos of what he sees while doing his work, use them exactly once for stego, then keep the stegoed versions around on the hd so that any comparison later will show the "original" version identical to the intercepted email version.
Probably the best overall solution to this would be a bootable mini-cd; a mini-linux distro would give a gui, and still leave room for conventional encryption packages, stego packages and the user's secret/public keyring, leave no trace on the HD at all (no matter how good the forensic package), can be hidden in a wallet amongst credit cards, and can be distroyed trivially by simply scratching off the printed surface with the back of a key or against a rough surface such as a wall or stone paving slab (ie, drop it face down, then stand on it and move foot back and forth until you have an oblong of worthless plastic and a slightly messy walkway)
assuming stego, you could load digicam photos (either via a driver on the minicd or via windows, whichever you happen to be using at the time) not long after they were taken, for later stego purposes, and the space they use on the digicam reused for more photos before the first set were used for stego (or again, if in a hurry, just remove and discard the sd card from the cam)
--------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
