On Sun, 03 Apr 2011 11:25:46 -0400 gnupg-users-requ...@gnupg.org wrote: >Message: 2 >Date: Sat, 02 Apr 2011 13:25:43 -0400 >From: "Robert J. Hansen" <r...@sixdemonbag.org> >To: gnupg-users@gnupg.org >Subject: Re: Deniability >Message-ID: <4d975c17.3020...@sixdemonbag.org>
>My general rule of thumb is that the secret police might be >monsters, >but they will be *reasonable* monsters. Unfortunately, such *reasonable* monsters (or even 'not such monsters , UK for example) can exploit the throw-keyid feature to obtain the secret keys of anyone (in the UK). Suppose some people are in the habit of sending gnupg encrypted e- mails in the UK If the reasonable British intelligence people decided that they wanted anyone's secret keys and passwords, they could simply do something like following: [1] Anonymously send the person whose keys they want, a throw-keyid encrypted message, which is in reality encrypted to a key of their own choosing that no one else has access to [2] Ask the person to decrypt the message [3] The person will claim, quite truthfully, (and as expected by British intelligence), that he can't, since it probably wasn't encrypted to his key. [4] They can claim, quite plausibly, that he entered the wrong password intentionally so that he would not have to reveal the true contents of the message [5] They can now make a case that in order to know that the person really can't decrypt, they need the secret keys and passwords to every key on the keyring, so that they can, in front of the court, try each one and make sure the message really cannot be decrypted by any of the person's keys. [6] They can even offer the defendant an opportunity to temporarily change the password to anything of his choice, just for the purposes of the demonstration, and then change it back, and decrypt it in front of the judge, but by this time, with some easily available non-invasive stealth video recording technology, they will already have access to the secret key ring, and a functional password to each key. btw, personally I don't think the British are anywhere near this strict about such things, but if they ever did decide to be, the mechanism by which they could make it stick, is there. vedaal _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
