[15520] in cryptography@c2.net mail archive
Re: Software Helps Rights Groups Protect Sensitive Information
daemon@ATHENA.MIT.EDU (Ivan Krstic)
Tue Jun 1 11:42:23 2004
X-Original-To: cryptography@metzdowd.com
X-Original-To: cryptography@metzdowd.com
Date: Mon, 31 May 2004 16:08:10 -0400
From: Ivan Krstic <ccikrs1@cranbrook.edu>
To: "R. A. Hettinga" <rah@shipwright.com>
Cc: cryptography@metzdowd.com
In-Reply-To: <p06110403bce0fd0187d7@[66.149.49.5]>
This reminds me of a question I've been meaning to ask for a while. Has
there been any research done on encryption systems which encrypt two (or
n) plaintexts with n keys, producing a joint ciphertext with the
property that decrypting it with key k[n] only produces the nth plaintext?
In the particular scenario that the article describes, activists need to
protect their information from people that probably have little respect
for the Geneva convention and would possibly find any evidence of
encrypted information as proof enough that there is illegal activity
going on. This, in turn, might lead to the police beating the key out of
them.
Now, if a solution such as Apple's FileVault or PGP's PGPDrive offered
an "interleaved drive" system where one file stored multiple encrypted
disks, and which one is accessed depended on which key you provided,
perhaps things can be changed a bit. Password A unlocks a drive with
mild dissidence information to appear credible. Password B unlocks a
drive with the truly secret data. If captured, after some hours of a
(probably highly unpleasant) interrogation, the dissident gives password
A, interrogators try it, it works, they find nothing of tremendous use
and dissident walks.
If people have written on this before, I'd appreciate a few references.
As for Zimmerman's comment about keyloggers - I'd hope the software
offered a point-and-click method of entering the password. This can
still be defeated with a custom-tailored piece of spyware, but it can be
made much more difficult for the attackers to do so (depending on how
well it's coded, it might actually require TEMPEST or the breaking of
kneecaps to extract the password).
Cheers,
Ivan.
R. A. Hettinga wrote:
> SOFTWARE HELPS RIGHTS GROUPS PROTECT SENSITIVE INFORMATION
[snip]
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
