[Cryptography] Rubber-hose resistance?

Neuhaus Stephan (neut) neut at zhaw.ch
Thu Nov 30 04:23:40 EST 2017

There is no such thing as plausible deniability. Or rather, there is no such thing in the real world. For example, if you hand over your USB stick and the authorities find a TrueCrypt volume on it which, however, seems to contain only innocuous data, do you really think that the customs official will hand it back to you with a smile and a wink?

I’m not sure who it was, but on this very list a member posted a conversation they had with a customs official who essentially said that they *knew* that the whole purpose of TrueCrypt was to have a hidden volume with the true stash.

In your example, the page you link to says, “Since there is no way to prove that there is any wallet beyond the ones that you have admitted to, the “attacker” will have to be satisfied with the revealed ones.” This is of course not true. If they are truly determined, they’ll start removing fingernails until you reveal the true passphrase to them. And then they will probably remove the remaining ones too, just to make sure that there aren’t any other “true” passphrases.

On the page it also says, “[Turning passphrase entry off] creates an illusion that passphrases were never used in the first place — one cannot accuse you of having hidden wallets.” Of course one can. And, again, if one is determined, one will.

It’s interesting that the page even shows the canonical XKCD, but without apparently realizing what it means. The whole point of the XKCD is that the attacker doesn’t have to prove or break anything: they can simply hit you over the head until you reveal what they want to hear.


“[I]n the 19th C.[,] telegraphers […] copied Morse-coded messages. Although they transcribed them, they never really processed them.” Students still do this today — Peter Gutmann on the cryptography mailing list

On 2017-11-30 06:59, "cryptography on behalf of Pavol Rusnak" <cryptography-bounces+neut=zhaw.ch at metzdowd.com on behalf of stick at gk2.sk> wrote:

Plausible deniability has been part of the TREZOR design since it's


Best Regards / S pozdravom,

Pavol Rusnak <stick at gk2.sk>
The cryptography mailing list
cryptography at metzdowd.com

More information about the cryptography mailing list