On Fri, 2004-12-17 at 19:32, Volker Kuhlmann wrote:
Or the contemporary slightly more civilised but otherwise identical variant of the Brits:
Police to you: give us your encryption keys now or else we'll take you straight to the bunker.
Volker
I do recall reading an article in the Press (I think) several years ago that said: It is illegal to use any encryption higher that 256 bit in the U.S. - as I recall the article said that anything higher is EXTREMELY difficult for the spooks at Langley to crack. In the U.K. you can use anything you like but you must hand over the key, on demand, to their 'agencies'. Refusal will get you a custodial holiday and put onto every security list that they have. Maybe things have changed but I very much doubt it.
The best solution is to look like you are sending an unencrypted message, so it doesn't raise the "red flag". That is, use information hiding (steganography). For example: take some pretty shots of the NZ countryside, encode in jpg, then hide your compressed, encrypted info in the jpg with one of the tools available. You can now send your photo to whomever, and they will get your extra info embedded. Note that I'm talking about actually subtly changing the pixels of the actual picture, not just embedding something in the comment field of the jpeg file format. You can hide info in all sorts of stuff - even executable files. Short story is, if you really want to transmit something in secret, you can do so, and the lower the information content, the easier it is.
Cheers, Carl.
