On Wed, Feb 09, 2011 at 05:18:35PM -0800, Derek Simkowiak wrote:
> TrueCrypt has a plausible deniability feature for such countries:

The protection of encrypted data in opposition to legal obligation or duress has long been a problem. Although I know of no implementation for encrypted disk systems, the (m,n)-threshold scheme could be used to provide a solution.[1]

In this system, m people hold partial keys and if n of them provide a partial key, the encryption/decryption can be performed. Here's the interesting part: If m-n+1 people decline or PROVIDE AN INVALID PARTIAL KEY, the decryption will fail and IT'S NOT POSSIBLE TO DETERMINE WHO PROVIDED INVALID PARTIAL KEYS.

A practical implementation would use a symmetric key for the data encryption and decryption, but the key is available only after it's been decrypted by n keyholders.

Sigh, I know trojan code could reveal the symmetric key. You gotta trust the system unless this was implemented as part of the storage system's firmware. Furthermore, it would be a great pain to have to gather n people to boot the system. I just couldn't pass up the opportunity to share this unwieldy, but perhaps sufficient solution.

Oh, and you tell the judge "I didn't implement this to deny you access. I'm fearful some bad guys may threaten us and now only a small number of keyholders are sufficient to deny them access in secret."

[1] Bruce Schneier's Applied Cryptography describes this in the discussion of "Secret Sharing".

--
Randolph Bentson
[email protected]
