Software Helps Rights Groups Protect Sensitive Information

Ivan Krstic ccikrs1 at cranbrook.edu
Mon May 31 16:08:10 EDT 2004 

This reminds me of a question I've been meaning to ask for a while. Has 
there been any research done on encryption systems which encrypt two (or 
n) plaintexts with n keys, producing a joint ciphertext with the 
property that decrypting it with key k[n] only produces the nth plaintext?

In the particular scenario that the article describes, activists need to 
protect their information from people that probably have little respect 
for the Geneva convention and would possibly find any evidence of 
encrypted information as proof enough that there is illegal activity 
going on. This, in turn, might lead to the police beating the key out of 
them.

Now, if a solution such as Apple's FileVault or PGP's PGPDrive offered 
an "interleaved drive" system where one file stored multiple encrypted 
disks, and which one is accessed depended on which key you provided, 
perhaps things can be changed a bit. Password A unlocks a drive with 
mild dissidence information to appear credible. Password B unlocks a 
drive with the truly secret data. If captured, after some hours of a 
(probably highly unpleasant) interrogation, the dissident gives password 
A, interrogators try it, it works, they find nothing of tremendous use 
and dissident walks.

If people have written on this before, I'd appreciate a few references.

As for Zimmerman's comment about keyloggers - I'd hope the software 
offered a point-and-click method of entering the password. This can 
still be defeated with a custom-tailored piece of spyware, but it can be 
made much more difficult for the attackers to do so (depending on how 
well it's coded, it might actually require TEMPEST or the breaking of 
kneecaps to extract the password).

Cheers,
Ivan.

R. A. Hettinga wrote:
> SOFTWARE HELPS RIGHTS GROUPS PROTECT SENSITIVE INFORMATION
[snip]

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list