Arno Wagner <arno@xxxxxxxxxxx> wrote: > On Sat, Sep 12, 2009 at 11:53:45PM +0200, Ivan Stankovic wrote: >> I guess the goal here would be to have LUKS features (multiple passphrases, >> ease of use, key splitting...) implemented in such a way that nobody can prove >> that you're using encryption. Thoughts? That's not plausible deniability. That's probably not even one of the prerequisites for plausible deniability (it *may be* a prerequisite of one specific kind of implementation of plausible deniability - the truecrypt style): If there is storage with lots of random-looking data on it, I'd consider this proof enough for the use of encryption - especially in scenarios where plausible deniability makes sense. > If you want more, use TrueCrypt, but I would be very careful > with plausible deniablility anyways. Your protection is primarily > that they cannot force you to give up your keys. If you live > in a country were they can, I propose to very seriously consider > leaving that country for good. See also http://xkcd.com/538/ That's exactly the reason for plausible deniability. You know they are able to force you to give them your key(s), so you prepare some keys to give them (along with some data which makes some sense to be encrypted) and the system gives you the ability to plausibly deny the existence of more keys. Just in the hope they stop cutting your extremities after the 6th finger because you convinced them. regards Mario -- The secret that the NSA could read the Iranian secrets was more important than any specific Iranian secrets that the NSA could read. -- Bruce Schneier _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
