On Mon, May 23, 2011 at 09:35:52AM +0600, dhvvcb@xxxxxxxxxxx wrote: > On Mon, 23/05/2011 ?? 02:13 +0200, Arno Wagner wrote: > > In practice it is basically never necessary to hide encryption. > > Either it is perfectly legal for you to refuse handing over the > > keys > > That is only true if you live in a civilized country. However even in GB > there is a law that requires you to hand over the key, otherwise you are > considered as a criminal. Indeed. And how are they going to prove that you have a key in the first place? Wups, right, they cannot! So they can do this _without_ showing that you have the key, otherwise the whole law would be ineffective. > > or the presence of a large, random-looking partition or file > > is already enough that they can lock you up and demand the key. > > That is not necessarily the case. Assume you live in a lawful country. > They should prove that a random-looking partition contains sensible > information. They cannot. And they know that. They are prepared for this little hitch. > There is presumption of innocence. And you always may > declare that you clean the disk from private photo, for example. However > if a partition contains an indication that it is encrypted, such as luks > header, and even prompts to enter a password, they can justly demand > this password (if there is an appropriate law). Not really. The LUKS header is just a hint, not proof of anything. What if this is encrypted swap you set up with a random key? What it this is something old and you do not remember the key? What is this is leftover from an old installation? Right, this could all be true and they have no way to disprove your claim. So they will have made very sure they can lock you up (or worse) even if you use this type of explanation and they cannot show otherwise. > So I still think that a bit of overhead to hide encryption may > considerably increase security. It does not. This has been discussed extensively in the IT security community when the UK when that way. The problem is that they really do not need to prove anything, otherwise you could always claim to have forgotten the password. The thing that makes such a law highly unethical is that you could really have forgotten the password or that the large random-looking partition may indeed not be encrypted data. Anyways, for any practical purpose, they can demand passwords as soon as they have a "reasonable suspicion". The presence of a larger pice of random data is enough for that. Obviously you must be a terrorist if you have that and claim it is not encrypted data. Case closed. You are kidding yourself if you believe otherwise. Not that many people think your way. And if the country is less civilized, here is what would happen: http://xkcd.com/538/ And, as I said, use plain dm-crypt if you really worry about the header. Not that it will help you if they demand the key. Personally, I make very sure to not have anything that looks encrypoted when, e.g. crossing teh US border. I even wipe free space with zeros instead of my usual crypto-randomness wipe. Arno -- Arno Wagner, Dr. sc. techn., Dipl. Inform., CISSP -- Email: arno@xxxxxxxxxxx GnuPG: ID: 1E25338F FP: 0C30 5782 9D93 F785 E79C 0296 797F 6B50 1E25 338F ---- Cuddly UI's are the manifestation of wishful thinking. -- Dylan Evans If it's in the news, don't worry about it. The very definition of "news" is "something that hardly ever happens." -- Bruce Schneier _______________________________________________ dm-crypt mailing list dm-crypt@xxxxxxxx http://www.saout.de/mailman/listinfo/dm-crypt
