On Thu, May 23, 2013 at 07:13:03PM +0200, sector9@xxxxxxxx wrote:
> Understood. The problematic nature of claiming plausible deniability
> with regard to a lost non-existent keyfile comes down to extralegal
> practices and testimony on behalf of the user.

Indeed. Or legal practices where the police or prosecution has a
lot of leeway and when they think you are "difficult" they can
bring the hammer down. Completely unethical of course, but
entirely legal.

Remember that any form of authorities traditionally had the
purpose to make the subjects do what the ruling class wanted,
typically by threat of force. Laws were not about what is right,
but about what behaviours were undesired by those in power.
This still shows and by my impression some western countries
are again strongly going in that direction, e.g. by calling
people "terrorists" more and more frequently to take the rights
away they would have had as mere murderers.

> On the technical side, if done properly, one could place the boot
> partition on a separate USB and claim it is lost along with the keyfile.
> This setup would allow one to perfectly conceal whether or not one is
> using a keyfile and therefore provide plausible deniability about access
> to an encrypted system.
>
> The good old xkcd depiction of the reality of rubberhose cryptanalysis
> is so eloquent in its simplicity.

Indeed. The message could not be clearer. Some XKCDs are pure
genius.

> Yet we explore sidechannel attacks,
> social engineering, etc to bolster the use of the strong crypto ciphers.
> This variety of defense that I was inquiring about is another
> possibility to explore.
>
> I appreciate your answers very much.

You are very welcome. It is a discussion that needs revisiting
from time to time as things change. And there is a lot of
change currently.

Arno
--
Arno Wagner, Dr. sc. techn., Dipl. Inform., Email: arno@xxxxxxxxxxx
GnuPG: ID: CB5D9718 FP: 12D6 C03B 1B30 33BB 13CF B774 E35C 5FA1 CB5D 9718
----
There are two ways of constructing a software design: One way is to make it
so simple that there are obviously no deficiencies, and the other way is to
make it so complicated that there are no obvious deficiencies. The first
method is far more difficult. --Tony Hoare