To more fully quote Adam's question:
> When compelled to give out your password, you give out the one that
> unlocks the partition full of kitten and puppy pictures, and who's to
> say that's not all there is on the drive?
> Is there any disk encryption software for which this is common
> practice?

On Tue, Mar 03, 2009 at 05:37:40PM -0500, Ivan Krsti?? wrote:
> In terms of fairly widely used software, yes, TrueCrypt offers hidden
> volumes:
>     <>

Hidden volumes are interesting, but TrueCrypt's specific implementation
(one hidden volume per "decoy" container) fails to address the case
in which an adversary has knowledge of the hidden volume, which is where
I think Adam's question was going.  If they do, no amount of decoy data
is going to convince them that what they seek has been divulged, and
they will continue to "compel" until they have what they want.

To defend against such an "attack", one would need two hidden volumes:
one for decoy data and the other for the real data.  There are still
problems with that approach (such as how the adversary gained knowledge
of a hidden volume in the first place), but it should satisfy the
switch-for-puppies defense.  No software I know of does this by default.


The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to

Reply via email to