On Wed, May 30, 2001 at 10:46:19AM +0200, Jan Niehusmann wrote:
> On Wed, May 30, 2001 at 01:08:21AM -0700, [EMAIL PROTECTED] wrote:
> > Couldn't you say something like "I'm so sorry, I can't remember the pass
> > phrase, my mind has failed me...etc?"
>
> What about a more provable approach:
>
> The passphrase could be changed automatically on every system
> boot, and the new passphrase could be written to a floppy disk
> on a clean shutdown (which, of course, is only possible with
> the root password).
>
> So if the police takes the computer and doesn't do the clean
> shutdown (how could they?), you can tell them: Sorry folks,
> you just destroyed the possibility to get any data from that computer...
>
> This, of course, means that you lose your data if the computer
> crashes.
This is likely solving the wrong problem: your security is almost never limited by cryptographic strength, but rather by human factors or other non-cryptographic weaknesses.

However, there is a known answer to this particular threat model. You want UNprovable security, with a duress filesystem.

Set up a cryptographic filesystem where some blocks are filled with encrypted data, and some are filled with garbage. There are various keys that identify which parts of the filesystem are in which filesystem and how to read them. To use some of the files, you supply just the keys you need, and leave most of the disk as untouched garbage.

If someone demands that you decrypt your disk, all you can do is provide them some of the keys, which reveals some of the disk contents, but leaves a lot of suspicious garbage left. But since you always have some real garbage left on the disk, you can't prove that you've told them everything, even if you wanted to. (This lets you conceal a key or two, since it would look like you had anyway.)

Don't do this unless your data is quite valuable: The rational police response is to apply as much pressure as would coerce the most stubborn suspect, so expect to spend several years in jail for contempt of court (or your local equivalent) should you get raided with such a thing.

I'm not aware of any actual implementations, unfortunately. The usual reference for this sort of thing is the cypherpunks list.

Jon Leonard
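The block-level scheme Jon describes, as an added toy illustration written for this archive (it is not code from the thread, and no implementation existed at the time the message was written). A volume is a list of fixed-size blocks that all start out as random bytes. Writing a file under a key overwrites some randomly chosen blocks with authenticated ciphertext; reading with a key scans every block and keeps the ones whose tag verifies under that key. Blocks that never verify are indistinguishable from unused garbage, which is exactly why handing over one key cannot prove that no second key exists. The function names (`new_volume`, `store`, `retrieve`, `reveal`), the block layout and the HMAC-SHA256 keystream standing in for a real cipher are all assumptions of this example; nothing here is a production design.

```python
import hashlib
import hmac
import os
import random
import struct

# Constructed layout for the demo: every on-disk block, real or garbage, is BLOCK bytes.
NONCE = 16
PAYLOAD = 48                      # plaintext bytes per block (header + data + padding)
TAG = 32
BLOCK = NONCE + PAYLOAD + TAG
HEADER = struct.Struct(">HH")     # (sequence number, data length) inside the plaintext
CHUNK = PAYLOAD - HEADER.size     # file bytes that fit in one block


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Toy stream cipher: HMAC-SHA256 in counter mode (assumption; use a real AEAD in practice).
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + struct.pack(">I", counter), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def _seal(key: bytes, plaintext: bytes) -> bytes:
    # Encrypt-then-MAC: nonce || ciphertext || tag, all random-looking to anyone without the key.
    nonce = os.urandom(NONCE)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def _open(key: bytes, block: bytes):
    # Returns the plaintext if the tag verifies under this key, else None (garbage or another key's block).
    nonce, ct, tag = block[:NONCE], block[NONCE:-TAG], block[-TAG:]
    expected = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return bytes(a ^ b for a, b in zip(ct, _keystream(key, nonce, len(ct))))


def new_volume(n_blocks: int) -> list:
    # A fresh volume is nothing but garbage: every block is uniformly random.
    return [os.urandom(BLOCK) for _ in range(n_blocks)]


def store(volume: list, key: bytes, data: bytes, free: list) -> list:
    """Write `data` under `key` into randomly chosen blocks taken from `free`.

    `free` is the owner's private record of blocks not yet used by any of their
    keys; the volume itself carries no allocation map. Returns the indices used.
    """
    chunks = [data[i:i + CHUNK] for i in range(0, len(data), CHUNK)] or [b""]
    if len(chunks) > len(free):
        raise ValueError("not enough free blocks")
    used = []
    for seq, chunk in enumerate(chunks):
        idx = free.pop(random.randrange(len(free)))
        pt = HEADER.pack(seq, len(chunk)) + chunk
        pt += os.urandom(PAYLOAD - len(pt))          # random padding, length is in the header
        volume[idx] = _seal(key, pt)
        used.append(idx)
    return used


def retrieve(volume: list, key: bytes):
    """Scan every block; reassemble the file whose blocks verify under `key`, or None."""
    found = {}
    for block in volume:
        pt = _open(key, block)
        if pt is None:
            continue
        seq, length = HEADER.unpack(pt[:HEADER.size])
        found[seq] = pt[HEADER.size:HEADER.size + length]
    if not found:
        return None
    return b"".join(found[i] for i in sorted(found))


def reveal(volume: list, keys: list) -> tuple:
    """What a disclosed set of keys accounts for: (blocks that decrypt, blocks that stay opaque)."""
    decryptable = sum(1 for block in volume if any(_open(k, block) is not None for k in keys))
    return decryptable, len(volume) - decryptable


if __name__ == "__main__":
    vol = new_volume(12)
    free = list(range(len(vol)))
    key_a, key_b = os.urandom(32), os.urandom(32)
    store(vol, key_a, b"A" * 100, free)     # occupies 3 blocks
    store(vol, key_b, b"second file", free)  # occupies 1 block
    print(retrieve(vol, key_a)[:10], retrieve(vol, key_b))
    print("disclosing key_a accounts for %d blocks, %d remain opaque" % reveal(vol, [key_a]))
```

Run stand-alone, the script shows that disclosing only `key_a` accounts for 3 of 12 blocks while 9 remain opaque; of those, 8 really are garbage and 1 belongs to `key_b`, and nothing in the on-disk bytes distinguishes the two cases. That is Jon's point about unprovability, and also his caveat: the opaque count is visible to whoever holds the disk, so the scheme hides which blocks matter, not the fact that something might.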