Truecrypt supports an inner and outer encrypted volume, encryption
hidden inside encryption, the intended usage being that you reveal the
outer encrypted volume, and refuse to admit the existence of the inner
hidden volume.
To summarize the judgment: Plausibile deniability, or even not very
plausible deniability, means you don't have to produce the key for the
inner volume. The government first has to *prove* that the inner volume
exists, and contains something hot. Only then can it demand the key for
the inner volume.
Defendant revealed, or forensics discovered, the outer volume, which was
completely empty. (Bad idea - you should have something there for
plausible deniability, such as legal but mildly embarrassing
pornography, and a complete operating system for managing your private
business documents, protected by a password that forensics can crack
with a dictionary attack)
Forensics felt that with FIVE TERABYTES of seemingly empty truecrypt
drives, there had to be an inner volume, but a strong odor of rat is no
substitute for proof.
(Does there exist FIVE TERABYTES of child pornography in the entire world?)
Despite forensics suspicions, no one, except the defendant, knows
whether there is an inner volume or not, and so the Judge invoked the
following precedent.
http://www.ca11.uscourts.gov/opinions/ops/201112268.pdf
That producing the key is protected if "conceding the existence,
possession, and control of the documents tended to incriminate" the
defendant.
The Judge concluded that in order to compel production of the key, the
government has to first prove that specific identified documents exist,
and are in the possession and control of the defendant, for example the
government would have to prove that the encrypted inner volume existed,
was controlled by the defendant, and that he had stored on it a movie
called "Lolita does LA", which the police department wanted to watch.
_______________________________________________
cryptography mailing list
[email protected]
http://lists.randombit.net/mailman/listinfo/cryptography
