Tuesday, August 15, 2006

BBC NEWS | Technology | Police decryption powers 'flawed'

BBC NEWS | Technology | Police decryption powers 'flawed':
Lord Phillips of Sudbury described RIPA as a 'hair-raising' piece of legislation and expressed reservations about the effect the powers being given to police would have.

'You do not secure the liberty of our country and value of our democracy by undermining them,' he said. 'That's the road to hell.'
OK, so I'll turn over the key to my encrypted files, but not to the hidden archive contained in the archive. Open source: TrueCrypt

Provides two levels of plausible deniability, in case an adversary forces you to reveal the password:

1) Hidden volume (steganography – more information may be found here).

2) No TrueCrypt volume can be identified (volumes cannot be distinguished from random data).


jj mollo said...

So, what you're saying is that the law is a wasted effort because anyone who knows what they're doing can secure their information too deeply for anyone to find. I'm not sure that's true, but there is always an arms race between the encryptors and the decryptors. Lawbreakers make stupid mistakes all the time.

Steve said...

It's a wasted effort in addition to being wrong in principle, I think.

I'm not absolutely sure about the security, but from paying a little attention to people like Bruce Schneier, Phil Zimmerman and a few others, I think the odds are pretty good that the security is at least pretty good.

In any event, I am extremely glad that I don't have to rely on the claim, strong though it may be, that steganography can conceal the existence of a hidden archive or that a volume can't be distinguished from random data. I guess some people's lives depend on that stuff working as advertized, along with all the other links in their security chains.