English 19-year-old jailed for refusal to disclose decryption key

Jerry Leichter leichter at lrw.com
Thu Oct 7 20:14:41 EDT 2010 

On Oct 7, 2010, at 1:10 PM, Bernie Cosell wrote:
>>
>>>>> a 19-year-old just got a 16-month jail sentence for his refusal to
>>>>> disclose the password that would have allowed investigators to see
>>>>> what was on his hard drive.
>>>>
>>> What about http://www.truecrypt.org/docs/?s=plausible-deniability
>>> Could this be used?
>> Sure. And the technology used would have no effect on the standard
> ... used in court:
>
> I think you're not getting the trick here: with truecrypt's plausible
> deniability hack you *CAN* give them the password and they *CAN*  
> decrypt
> the file [or filesystem].  BUT: it is a double encryption setup.  If  
> you
> use one password only some of it gets decrypted, if you use the other
> password all of it is decrypted.  There's no way to tell if you used  
> the
> first password that you didn't decrypt everything.  So in theory you
> could hide the nasty stuff behind the second passsword, a ton of  
> innocent
> stuff behind the first password and just give them the first password
> when asked.  In practice, I dunno if it really works or will really  
> let
> you slide by.
You're thinking too much about the technology.

The court demands a company turn over its books.  The company denies it
keeps any books.  Sure - massive fines, possible jail sentences for the
principals.

Alternatively, the company turns over fake books.  There is evidence  
that the
books are fake - they show the company only did 2000 transactions last  
year,
but somehow the company paid a staff of 200 to take phone calls last  
year.
Or the books don't show any payments for things that we see sitting in  
the
warehouse.  Or maybe there are just purely statistical anomalies:  The
variation in income from week to week is way out of the range shown by
other businesses.  Or there's just someone who swears that these are not
the books he's seen in the past.  Same outcome for the company.

Maybe the high-tech cheats let you get away with stuff; maybe they  
don't.
Then again, maybe the fake paper books let you get away with stuff, and
maybe they don't.  Technology lets you play some games more easily,
but it's not magic pixie dust that immunizes you from reality.

							-- Jerry

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list