[Cryptography] Rubber-hose resistance?

[Walter van Holst]

On 2017-12-12 01:14, Jon Callas wrote:
> To me, that goes more to my objection to so-called deniable encryption
> — that it presumes a threat model in which your adversary is stupid
> (they don't know or don't care about your false bottom) or good (they
> are willing to play by the apparent rules of the game as described,
> and even if they think you're cheating, they'll let you go if they
> can't prove it. An alternate scenario is that they'll play by rules
> that say you have to prove you're *not* cheating.

Or that they play by the rules, or any rules that matter, to begin with. 
And that the user will be capable of lying through the teeth. Whereas 
the reality is that even in democracies a lot of law enforcement/border 
control officers will try to intimidate anyone they suspect of being a 
"bad person" (for whatever value of "bad person"). Try being olive 
skinned, having a few too many Middle Eastern passport stamps while 
having an Arabic name and getting through US border control with a 
truecrypt volume.

Other part of reality is that most normal people are incapable of lying 
all that convincingly under duress to an adversary that isn't willing to 
let them get away with it. Even your average politician, who is more or 
less vetted for being capable of bending the truth since not 
overpromising won't get you elected, typically cannot do it very well.

So yes, most of the "plausible deniability" schemes are just a load of 
bollocks. I am looking at you, OTR, you hateful, user-unfriendly pile of 
bovine excrement.


Regards,

  Walter