Re: X.509 certificate overview + status
Travis wrote: Recently I set up certificates for my server's SSL, SMTP, IMAP, XMPP, and OpenVPN services. Actually, I created my own CA for some of the certificates, and in other cases I used self-signed. plug BTW, we give away free certificates for XMPP services here: http://xmpp.org/ca/ The root CA is StartCom, which is accepted in Mozilla, OS X, and various other cert stores. I've noticed that these certs are becoming quite popular on the XMPP network (plus, they result none of those cert warnings that scare of normal users). /plug Peter -- Peter Saint-Andre https://stpeter.im/ smime.p7s Description: S/MIME Cryptographic Signature
Re: X.509 certificate overview + status
On Mon, 2 Mar 2009 17:35, marcus.brinkm...@ruhr-uni-bochum.de said: Ubuntu comes with dumpasn1. There are also quite a few libraries. You may also import the certificate into GnuPG (gpgsm --import foo) and run gpgsm --dump-cert to get a human readable printout. Example: $ gpgsm --dump-cert 0x39F4F81B /home/foo/.gnupg/pubring.kbx --- ID: 0x39F4F81B S/N: 01D8 Issuer: CN=12R-CA 1:PN,O=Bundesnetzagentur,C=DE Subject: CN=TeleSec PKS SigG CA 17:PN,O=Deutsche Telekom AG,C=DE sha1_fpr: 13:0C:16:2D:91:68:7C:E0:AE:95:6F:11:08:34:3A:26:39:F4:F8:1B md5_fpr: D7:2B:65:D3:E6:5C:54:DB:B7:4A:47:49:6E:CF:36:F1 certid: D6C0C14EE753E3D147C0827A4C8D579F130DEFD4.01D8 keygrip: EC4EC0D13B47680C28869929D76B3357838CEC11 notBefore: 2007-11-08 09:22:57 notAfter: 2012-01-01 12:00:00 hashAlgo: 1.2.840.113549.1.1.13 (sha512WithRSAEncryption) keyType: 2048 bit RSA subjKeyId: 57A001BB58498529AEE9DFAD6810FA056F5F3A9B authKeyId: [none] authKeyId.ki: 04DE9D7FDF437289BA694901F4E84928DE02196F keyUsage: certSign extKeyUsage: [none] policies: 1.3.36.8.1.1 chainLength: 0 crlDP: ldap://ldap.nrca-ds.de:389/CN=CRL,O=Bundesnetzagentur,C=DE,dc=ldap,dc=nrca-ds,dc=de?certificateRevocationList;binary?base?objectClass=cRLDistributionPoint issuer: none authInfo: 1.3.6.1.5.5.7.48.1 (ocsp) http://ocsp.nrca-ds.de:8080/ocsp-ocspresponder subjInfo: [none] extn: 1.3.6.1.5.5.7.1.3 (qcStatements) [12 octets] extn: 1.3.6.1.5.5.7.1.1 (authorityInfoAccess) [62 octets] extn: 1.3.6.1.4.1.8301.3.5 (validityModel) [14 octets] CERTID and KEYGRIP are GnuPG specific. Shalom-Salam, Werner -- Die Gedanken sind frei. Auschnahme regelt ein Bundeschgesetz. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Judge orders defendant to decrypt PGP-protected laptop
Quoting: A federal judge has ordered a criminal defendant to decrypt his hard drive by typing in his PGP passphrase so prosecutors can view the unencrypted files, a ruling that raises serious concerns about self-incrimination in an electronic age. http://news.cnet.com/8301-13578_3-10172866-38.html -- Perry E. Metzgerpe...@piermont.com - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Judge orders defendant to decrypt PGP-protected laptop
On Tue, 03 Mar 2009 12:26:32 -0500 Perry E. Metzger pe...@piermont.com wrote: Quoting: A federal judge has ordered a criminal defendant to decrypt his hard drive by typing in his PGP passphrase so prosecutors can view the unencrypted files, a ruling that raises serious concerns about self-incrimination in an electronic age. http://news.cnet.com/8301-13578_3-10172866-38.html I would not read too much into this ruling -- I think that this is a special situation, and does not address the more important general issue. To me, this part is crucial: Judge Sessions reached his conclusion by citing a Second Circuit case, U.S. v. Fox, that said the act of producing documents in response to a subpoena may communicate incriminating facts in two ways: first, if the government doesn't know where the incriminating files are, or second, if turning them over would implicitly authenticate them. Because the Justice Department believes it can link Boucher with the files through another method, it's agreed not to formally use the fact of his typing in the passphrase against him. (The other method appears to be having the ICE agent testify that certain images were on the laptop when viewed at the border.) Sessions wrote: Boucher's act of producing an unencrypted version of the Z drive likewise is not necessary to authenticate it. He has already admitted to possession of the computer, and provided the government with access to the Z drive. The government has submitted that it can link Boucher with the files on his computer without making use of his production of an unencrypted version of the Z drive, and that it will not use his act of production as evidence of authentication. In other cases, where alternative evidence is not available to the government, and where government agents have not already had a look at the contents, the facts (and hence perhaps the ruling) would be different. --Steve Bellovin, http://www.cs.columbia.edu/~smb - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Judge orders defendant to decrypt PGP-protected laptop
On Tue, Mar 03, 2009 at 12:26:32PM -0500, Perry E. Metzger wrote: Quoting: A federal judge has ordered a criminal defendant to decrypt his hard drive by typing in his PGP passphrase so prosecutors can view the unencrypted files, a ruling that raises serious concerns about self-incrimination in an electronic age. http://news.cnet.com/8301-13578_3-10172866-38.html The privacy issues are troubling, of course, but it would seem trivial to bypass this sort of compulsion by having the disk encryption software allow multiple passwords, each of which unlocks a different version of the encrypted partition. When compelled to give out your password, you give out the one that unlocks the partition full of kitten and puppy pictures, and who's to say that's not all there is on the drive? Is there any disk encryption software for which this is common practice? -- - Adam ** Expert Technical Project and Business Management System Performance Analysis and Architecture ** [ http://www.adamfields.com ] [ http://workstuff.tumblr.com ] ... Technology Blog [ http://www.aquick.org/blog ] Personal Blog [ http://www.adamfields.com/resume.html ].. Experience [ http://www.flickr.com/photos/fields ] ... Photos [ http://www.twitter.com/fields ].. Twitter [ http://www.morningside-analytics.com ] .. Latest Venture [ http://www.confabb.com ] Founder - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Judge orders defendant to decrypt PGP-protected laptop
Adam Fields cryptography23094...@aquick.org writes: The privacy issues are troubling, of course, but it would seem trivial to bypass this sort of compulsion by having the disk encryption software allow multiple passwords, each of which unlocks a different version of the encrypted partition. This sort of thing has been discussed for a long time, but I doubt that would work in practice. Law is not like software. Judges operate on reasonableness, not on literal interpretation. If it was reasonably obvious that you were using software like that and probably not cooperating, the judge would just throw you in jail for contempt of court anyway. When compelled to give out your password, you give out the one that unlocks the partition full of kitten and puppy pictures, and who's to say that's not all there is on the drive? Well, it should be clear that any such scheme necessarily will produce encrypted partitions with less storage capacity than one with only one set of cleartext. You can't magically store 2N bytes in an N byte drive -- something has to give. It should therefore be reasonably obvious from partition sizes that there is something hidden. In any case, unless you're really very energetic about it, it will be obvious from things like access times and other content clues (gee, why is there nothing in the browser cache from the current year?) that what is there is not the real partition you use day to day. Perry -- Perry E. Metzgerpe...@piermont.com - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Judge orders defendant to decrypt PGP-protected laptop
At 13:08 -0500 03.03.2009, Adam Fields wrote: When compelled to give out your password Unless I'm misunderstanding the ruling, Boucher is not being compelled to produce his passphrase (like he could under RIPA Section 49 in the UK), but he is being told to produce the unencrypted contents of the drive. Assuming I'm interpreting the ruling correctly, this seems little different than a judge approving a search warrant for a residence, whose execution could produce incriminating evidence that is usable in court. There is a chasm of difference between being compelled to produce keys, which could be subsequently reused with other encrypted material, and being compelled to produce specific unencrypted data, which is much more narrowly scoped and therefore less intrusive. s. - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Judge orders defendant to decrypt PGP-protected laptop
On Tue, Mar 03, 2009 at 01:20:22PM -0500, Perry E. Metzger wrote: Adam Fields cryptography23094...@aquick.org writes: The privacy issues are troubling, of course, but it would seem trivial to bypass this sort of compulsion by having the disk encryption software allow multiple passwords, each of which unlocks a different version of the encrypted partition. This sort of thing has been discussed for a long time, but I doubt that would work in practice. Law is not like software. Judges operate on reasonableness, not on literal interpretation. If it was reasonably obvious that you were using software like that and probably not cooperating, the judge would just throw you in jail for contempt of court anyway. I don't see how it would be reasonably obvious, especially if lots of disk encryption packages started offering multiple partitions as a transparent option. All you'd see is a bunch of random bits on the disk and a password prompt. They ask you for the password, you put up a fight, and then ultimately relent and give it to them when they insist. When compelled to give out your password, you give out the one that unlocks the partition full of kitten and puppy pictures, and who's to say that's not all there is on the drive? Well, it should be clear that any such scheme necessarily will produce encrypted partitions with less storage capacity than one with only one set of cleartext. You can't magically store 2N bytes in an N byte drive -- something has to give. It should therefore be reasonably obvious from partition sizes that there is something hidden. I don't see how you could tell the difference between a virtual 40GB encrypted padded partition and 2 virtual 20GB ones. Many virtual disk implementations will pre-allocate the space. Is there some reason why filling the empty space with random garbage wouldn't mask the fact that there were actually multiple partitions in there? There's no law that says your empty disk space has to actually be empty. (Yet.) In any case, unless you're really very energetic about it, it will be obvious from things like access times and other content clues (gee, why is there nothing in the browser cache from the current year?) that what is there is not the real partition you use day to day. I think we're talking about a straight data storage partition here. It doesn't seem to hard to have something touch random files on a regular basis. Regardless, that seems like a weak complaint - all you have to do is log into the other partition once a week and use it to browse cuteoverload or something. But, most importantly, you haven't given a good reason not to offer this as a standard option. Maybe it wouldn't work, but maybe it would. -- - Adam ** Expert Technical Project and Business Management System Performance Analysis and Architecture ** [ http://www.adamfields.com ] [ http://workstuff.tumblr.com ] ... Technology Blog [ http://www.aquick.org/blog ] Personal Blog [ http://www.adamfields.com/resume.html ].. Experience [ http://www.flickr.com/photos/fields ] ... Photos [ http://www.twitter.com/fields ].. Twitter [ http://www.morningside-analytics.com ] .. Latest Venture [ http://www.confabb.com ] Founder - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Judge orders defendant to decrypt PGP-protected laptop
Adam Fields cryptography23094...@aquick.org writes: Well, it should be clear that any such scheme necessarily will produce encrypted partitions with less storage capacity than one with only one set of cleartext. You can't magically store 2N bytes in an N byte drive -- something has to give. It should therefore be reasonably obvious from partition sizes that there is something hidden. I don't see how you could tell the difference between a virtual 40GB encrypted padded partition and 2 virtual 20GB ones. The judge doesn't need to know the difference to beyond any doubt. If the judge thinks you're holding out, you go to jail for contempt. Geeks expect, far too frequently, that courts operate like Turing machines, literally interpreting the laws and accepting the slightest legal hack unconditionally without human consideration of the impact of the interpretation. This is not remotely the case. I'll repeat: the law is not like a computer program. Courts operate on reasonableness standards and such, not on literal interpretation of the law. If it is obvious to you and me that a disk has multiple encrypted views, then you can't expect that a court will not be able to understand this and take appropriate action, like putting you in a cage. Perry -- Perry E. Metzgerpe...@piermont.com - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Judge orders defendant to decrypt PGP-protected laptop
On 2009-03-03, Stephan Somogyi wrote: There is a chasm of difference between being compelled to produce keys, which could be subsequently reused with other encrypted material, and being compelled to produce specific unencrypted data, which is much more narrowly scoped and therefore less intrusive. That is also why multi-level security and/or steganography exist. And why, eventually, every court order will mandate randomization of all data that wasn't decryptable. And why people will design stealthy methods of signaling to their disk that such deletion orders are to be disrespected. And why such drives will be forthwith banned. Et cetera, ad nauseam. So it goes. -- Sampo Syreeni, aka decoy - de...@iki.fi, http://decoy.iki.fi/front +358-50-5756111, 025E D175 ABE5 027C 9494 EEB0 E090 8BA9 0509 85C2 - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Judge orders defendant to decrypt PGP-protected laptop
With regards to alternative runtime decryptions, recall ... http://people.csail.mit.edu/rivest/Chaffing.txt The claim is that the approach is neither encryption nor steganography. Cheers, Scott - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Judge orders defendant to decrypt PGP-protected laptop
On Tue, 03 Mar 2009 13:53:50 -0500 Perry E. Metzger pe...@piermont.com wrote: Adam Fields cryptography23094...@aquick.org writes: Well, it should be clear that any such scheme necessarily will produce encrypted partitions with less storage capacity than one with only one set of cleartext. You can't magically store 2N bytes in an N byte drive -- something has to give. It should therefore be reasonably obvious from partition sizes that there is something hidden. I don't see how you could tell the difference between a virtual 40GB encrypted padded partition and 2 virtual 20GB ones. The judge doesn't need to know the difference to beyond any doubt. If the judge thinks you're holding out, you go to jail for contempt. Geeks expect, far too frequently, that courts operate like Turing machines, literally interpreting the laws and accepting the slightest legal hack unconditionally without human consideration of the impact of the interpretation. This is not remotely the case. I'll repeat: the law is not like a computer program. Courts operate on reasonableness standards and such, not on literal interpretation of the law. If it is obvious to you and me that a disk has multiple encrypted views, then you can't expect that a court will not be able to understand this and take appropriate action, like putting you in a cage. Indeed. Let me point folks at http://www.freedom-to-tinker.com/blog/paul/being-acquitted-versus-being-searched-yanal -- which was in fact written by a real lawyer, a former prosecutor who is now a law professor. --Steve Bellovin, http://www.cs.columbia.edu/~smb - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Activation protocol for car-stopping devices
* Is there any standard cryptographic hash function with an output of about 64 bits? It's OK for our scenario if finding a preimage for a particular signature takes 5 days. Not if it takes 5 minutes. This is a protocol designed for nasty guys who want to steal your car, which would forcibly stop the car regardless of the wishes of the driver, remotely from anywhere on the Internet? And it's mandated by the government? These are not tracking devices, as your subject line said; they actively intervene in driving -- much more dangerous. As usual, it sounds like a great tool when used responsibly -- against stolen cars, though it will probably cause collisions, which could hardly be called accidents since they are easily foreseeable. And it's a terrible tool when used any other way (by criminals against cop cars, for example; or by Bulgarian virus authors against random cars; or by breaking into the DENATRAN and stealing and posting all the secrets; or by an invading army). It reminds me of the RFID passport design process: One entity figures out what would make ITS life easier (reading your passport while you're in line at the border), mandates a change, and ignores the entire effects on the rest of society that result. Why would you limit anything to 64 bits, or think it's OK that with 5 days of calculation *anyone* could do this to your mother's or daughter's car? Shouldn't tracking or disabling the car require the active cooperation of the car's owner, e.g. by the owner supplying a secret known only to them, and not recorded in a database anywhere (in the government, at the dealer, etc)? That way, if the protocol is actually secure, most of the evil ways to use it AGAINST the owner would be eliminated. John - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Judge orders defendant to decrypt PGP-protected laptop
At 02:45 PM 3/3/2009 -0500, Steven M. Bellovin wrote: On Tue, 03 Mar 2009 13:53:50 -0500 Perry E. Metzger pe...@piermont.com wrote: I'll repeat: the law is not like a computer program. Courts operate on reasonableness standards and such, not on literal interpretation of the law. If it is obvious to you and me that a disk has multiple encrypted views, then you can't expect that a court will not be able to understand this and take appropriate action, like putting you in a cage. Indeed. Let me point folks at http://www.freedom-to-tinker.com/blog/paul/being-acquitted-versus-being-searched-yanal -- which was in fact written by a real lawyer, a former prosecutor who is now a law professor. Thanks Steve. As you know, of course, IAARL. And I know and have worked with Paul. I don't normally do me-too posts, and I don't normally post to this list at all; but I do want to me too this. I've been pointing folks to Paul's piece since the day (a weeks ago) he first published it, it's well worth reading. -Jim James S. Tyre jst...@jstyre.com Law Offices of James S. Tyre 310-839-4114/310-839-4602(fax) 10736 Jefferson Blvd., #512 Culver City, CA 90230-4969 Co-founder, The Censorware Project http://censorware.net Policy Fellow, Electronic Frontier Foundation http://www.eff.org - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Judge orders defendant to decrypt PGP-protected laptop
On Mar 3, 2009, at 1:08 PM, Adam Fields wrote: Is there any disk encryption software for which this is common practice? In terms of fairly widely used software, yes, TrueCrypt offers hidden volumes: http://www.truecrypt.org/docs/?s=hidden-volume I asked the same original question on this list in 2004, and some other software is mentioned in the replies: http://www.mail-archive.com/cryptography@metzdowd.com/msg02169.html -- Ivan Krstić krs...@solarsail.hcs.harvard.edu | http://radian.org - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Judge orders defendant to decrypt PGP-protected laptop
On Mar 3, 2009, at 1:53 PM, Perry E. Metzger wrote: If it is obvious to you and me that a disk has multiple encrypted views, then you can't expect that a court will not be able to understand this and take appropriate action, like putting you in a cage. Why do you think it'd be obvious to you and me that a disk has multiple encrypted views? Contempt carries a burden of proof. If the guy has two encrypted volumes, one with a bunch of hardcore adult porn and the other with a bunch of kiddie porn, how does his unlocking the first one give you a 'preponderance of evidence' that he's obstructing justice or disobeying the court? It becomes a he-said-she-said with the CBP agent, your word against his. -- Ivan Krstić krs...@solarsail.hcs.harvard.edu | http://radian.org - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Judge orders defendant to decrypt PGP-protected laptop
Ivan Krstić krs...@solarsail.hcs.harvard.edu writes: On Mar 3, 2009, at 1:53 PM, Perry E. Metzger wrote: If it is obvious to you and me that a disk has multiple encrypted views, then you can't expect that a court will not be able to understand this and take appropriate action, like putting you in a cage. Why do you think it'd be obvious to you and me that a disk has multiple encrypted views? Contempt carries a burden of proof. If the guy has two encrypted volumes, one with a bunch of hardcore adult porn and the other with a bunch of kiddie porn, how does his unlocking the first one give you a 'preponderance of evidence' that he's obstructing justice or disobeying the court? It becomes a he-said-she-said with the CBP agent, your word against his. Again, you seem to be operating under the common geek misperception that courts operate like Turing machines, precisely and literally executing precisely defined legal concepts. They do not work that way. Courts work much more the way the high school vice principal who put you on detention for three weeks for throwing a snowball worked -- even though he didn't see you throw one, he just saw you were the only person in the general vicinity, even though it was all patently unfair since he had no proof by your lights. The law's idea of what sufficient evidence means is not what you, as a geek, think sufficient evidence means. For example, perhaps to you, beyond a reasonable doubt means something like there is no way you couldn't be guilty, while to a court it means nothing like that -- it means that an ordinary person (that is, not a geek, not a professional defense attorney, not a mystery novel addict) wouldn't have serious doubts about guilt. Not no doubts -- just no serious ones. The law is used to people trying to weasel out of trouble -- people have been trying to weasel out of trouble since the year 100,000 BC. Criminals were trying far more elaborate schemes to get out from under trouble than you will ever think of back in ancient Mesopotamia. You're not going to find something new that impresses a real court. Take a real common case. Someone is mugged by two people. One of them shoots the victim and neither will say which of them did it. You, the geek who thinks the law is a Turing machine, assume that neither can go to jail for murder. In the case of each criminal, you assume, there is a reasonable doubt as to whether or not the other guy did it. 50/50 is a way reasonable doubt! Well, that's not how the real legal system works. In the real legal system, the court will happily put both people in jail for murder even though there is only one bullet in the victim so only one person could have pulled the trigger. That's routine, in fact, never mind how unfair that seems to you. (The charge of felony murder exists precisely so that they don't need to know who pulled the trigger. As I said, they're used to people trying to weasel out of trouble.) But but! you scream, there has to be a reasonable doubt there! Only one of them could have done it, clearly one person is in jail unfairly, they both have to go free! -- well, that's the difference between you and a lawyer. The lawyer doesn't see this as unreasonable. The court system is not a Turing machine. Back to our topic: if the software can handle multiple hidden encrypted volumes and there is unaccounted for space and the volume you decrypt for them has nothing but pictures of bunnies and sunsets and hasn't been touched in a year, I think you're going to jail for contempt if the judge has ordered you to fork over the files. But!!! you insist, they don't have proof that I'm doing something qua proof, they just a strong suspicion! Why, it could be anything in that giant pool of random bits on the rest of the drive! How do they *know* it isn't just random bits? How do they *know* I don't just look at bunnies and sunsets and haven't opened that partition in a year? You only think that will protect you because you don't understand the legal system. You see, you're making this assumption that most people would call assuming the judge is an idiot. Judges take a very dim view of people playing them for fools, just like high school vice principals, and again, the legal system is not a Turing machine. The judge's superiors on the appeals court will take a similar view because they were once trial judges and don't like when judges are played for fools either. So, the court is not going to pay the least attention to your elaborate claims that you just like storing the output of your random number generator on a large chunk of your hard drive. They really don't give a damn about claims like that. Actually they do care. They'll be pissed off that you're wasting their time. If you believe otherwise, go right ahead, but as I said, the jails are filled with people who have tried very elaborate strategies for avoiding prison only to discover courts don't care. The courts are used to people not wanting to
Re: Judge orders defendant to decrypt PGP-protected laptop
To more fully quote Adam's question: When compelled to give out your password, you give out the one that unlocks the partition full of kitten and puppy pictures, and who's to say that's not all there is on the drive? Is there any disk encryption software for which this is common practice? On Tue, Mar 03, 2009 at 05:37:40PM -0500, Ivan Krsti?? wrote: In terms of fairly widely used software, yes, TrueCrypt offers hidden volumes: http://www.truecrypt.org/docs/?s=hidden-volume Hidden volumes are interesting, but TrueCrypt's specific implementation (one hidden volume per decoy container) fails to address the case in which an adversary has knowledge of the hidden volume, which is where I think Adam's question was going. If they do, no amount of decoy data is going to convince them that what they seek has been divulged, and they will continue to compel until they have what they want. To defend against such an attack, one would need two hidden volumes: one for decoy data and the other for the real data. There are still problems with that approach (such as how the adversary gained knowledge of a hidden volume in the first place), but it should satisfy the switch-for-puppies defense. No software I know of does this by default. RB - The Cryptography Mailing List Unsubscribe by sending unsubscribe cryptography to majord...@metzdowd.com
Re: Judge orders defendant to decrypt PGP-protected laptop
I would not read too much into this ruling -- I think that this is a special situation, and does not address the more important general issue. In other cases, where alternative evidence is not available to the government, and where government agents have not already had a look at the contents, the facts (and hence perhaps the ruling) would be different. Balls. This is a straight end-run attempt around the Fifth Amendment. The cops initially demanded a court order making him reveal his password -- then modified their stance on appeal after they lost. So he can't be forced to reveal it, but on a technicality he can be forced to produce the same effect as revealing it? Just how broad is this technicality, and how does it get to override a personal constitutional right? If the cops bust down your door and you foolishly left your computer turned on, are they entitled to make you reveal your encryption passwords anytime later, because your encrypted drive was accessible when they ran in screaming at your family and shooting your dog? Suppose they looked it over and typed a few things to the screen? Suppose they didn't? Suppose they used a fancy power-transfer plug to keep it running as they walked it out the door, but they tripped and dropped it and it powered off? That's a technicality, isn't it? Don't forget, this is a nuisance case. It's about a harmless Canadian citizen who's a permanent US resident, who crossed the Canadian border with his laptop. A guy smart enough to encrypt his drive. On the drive, among other things, was a few thousand porn images downloaded from the net. Legal porn. The border guards, who had no business even looking at his laptop's contents, trolled around in it until they found some tiny fraction of the images that (they allege) contained underage models. (How would *he* know the ages of the models in random online porn? Guess he'd better just store no porn at all, whether or not porn is legal. That's the effect that the bluenoses who passed the child porn laws want, after all.) That's the crime being prosecuted here. This isn't the Four Horsemen's torture-the-terrorist-for-the-password hostage situation where lives are at stake and the seconds are ticking away. This is a pointless search containing the only evidence of a meaningless censorship non-crime. If the feds can force you to reveal your password in this hick sideshow, they can force it anytime. Suppose the guy had powered off his laptop rather than merely foolishly suspending it. If the border guards had DRAM key recovery tools that could find a key in the powered-down RAM, but then lost the key or it stopped working, would you think he should later be forced to reveal his password? Suppose they merely possessed DRAM key recovery software, but never deployed it? Hey, we claim that you crossed the border with that key in decaying RAM; fork over that password, buddy! Don't give them an inch, they'll take a mile. Drug users can now not safely own guns, despite the Second Amendment. Not even guns locked in safes in outbuildings, because the law passed against using a gun in a drug crime has been expanded by cops and judges to penalize having a gun anywhere on the property even though it was never touched, and even when the only drug crime was simple possession. Five year mandatory minimum sentence enhancement. (Don't expect NRA to help -- their motto is screw the criminals, leave us honest people alone. That's no good when everybody's a criminal, especially the honest people like this guy, who had nothing to hide from the border guards and helped them search his laptop.) Sessions wrote: Boucher's act of producing an unencrypted version of the Z drive... There is no such document as an unencrypted version of the Z drive. It does not exist. It has never existed. One could in theory be created, but that would be the creation of a new document, not the production of an existing one. The existing one is encrypted, and the feds already have it. I'm still trying to figure out what the feds want in this case if the guy complies. They'll have a border guard testify that he saw a picture with a young teen in it? They'll show the jury a picture of a young teen, but won't authenticate it as a picture that came off the hard drive? It can just be any random picture of a young teen, that could've come from anywhere? How will that contribute to prosecuting this guy for child porn? Maybe they're just bored from training themselves by viewing official federal child porn images (that we're not allowed to see), or endlessly searching gigabytes of useless stuff on laptops. Instead they want the thrill of setting a precedent that citizens have no right to privacy in their encrypted hard drives. Let's not help them by declaring this guy's rights forfeit on a technicality. John - The Cryptography Mailing List