Just thought of a feature idea for TrueCrypt and other similar packages: encrypted files or partitions can have multiple passwords, which reveal different things. So you could have a password that reveals something embarrassing but not incriminating. If the police or border nazis threaten you with prosecution unless you reveal your password, you give them this one. Meanwhile, you hide anything really confidential behind a password that you never give out.
More people should learn from this attitude. This is what I say every time I have an idea, and I later found out someone already built a startup around it (happens quite a lot, since I spend half my waking time thinking of startups).
Indeed. It means you possibly have a head for good ideas. You should be far, far more worried if nobody else has beaten you to the punch on any of your ideas, because that would tend to indicate that your ideas are either impractical or of low quality.
Presumably the UK police are aware of this feature, which could lead to a more interesting situation when you can't prove that you've really unlocked to the deepest level.
My understanding of the feature is that it is impossible to verify whether or not you are using a hidden volume within a TC encrypted volume.
Although file-hosted TrueCrypt volumes (containers) do not contain any kind of "signature" either (until decrypted, they appear to consist solely of random data), they cannot provide this kind of plausible deniability, because there is practically no plausible explanation for the existence of a file containing solely random data. However, plausible deniability can still be achieved with a file-hosted TrueCrypt volume (container) by creating a hidden volume within it.
Clarification: it's impossible to determine if a hidden volume exists in a TrueCrypt volume. It is trivial to determine whether a given password unlocks the main, hidden, or neither volume.
Data about the hidden volume is encrypted and kept in the second 512 bytes of the volume, whereas data about the normal volume is in the first 512 bytes. If there is no hidden volume, the second 512 bytes are purely random data.
It's impossible to tell an encrypted volume header apart from random data. It's very much "try, and if you fail, you either have the wrong key or the volume doesn't exist".
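The check described in the comment above, as an added sketch that is not part of the thread and not TrueCrypt's code: two 512-byte header slots are each tried with the password, and success shows up only as a marker and checksum after decryption. The toy HMAC-based cipher, the salt/marker/CRC field layout, the sample passwords and all function names are assumptions for illustration.

```python
import hashlib, hmac, os, struct, zlib

SLOT, SALT, MAGIC = 512, 64, b"TRUE"   # slot size from the comment; salt/magic assumed

def _keystream(key, n):
    # Toy stream cipher (HMAC-SHA256 in counter mode), standing in for the real cipher.
    blocks = (hmac.new(key, struct.pack(">Q", i), hashlib.sha256).digest()
              for i in range((n + 31) // 32))
    return b"".join(blocks)[:n]

def _crypt(password, salt, data):
    # XOR with a password-derived keystream; the same call encrypts and decrypts.
    key = hashlib.pbkdf2_hmac("sha512", password, salt, 1000, 32)
    return bytes(a ^ b for a, b in zip(data, _keystream(key, len(data))))

def make_slot(password, payload):
    # payload: 16 bytes of volume metadata (constructed for the sketch)
    salt = os.urandom(SALT)
    body = MAGIC + struct.pack(">I", zlib.crc32(payload)) + payload
    return salt + _crypt(password, salt, body.ljust(SLOT - SALT, b"\0"))

def try_slot(password, slot):
    # Returns the payload if this password opens the slot, else None.
    plain = _crypt(password, slot[:SALT], slot[SALT:])
    magic, crc, payload = plain[:4], plain[4:8], plain[8:24]
    if magic == MAGIC and struct.unpack(">I", crc)[0] == zlib.crc32(payload):
        return payload
    return None

def build_volume(outer_pw, hidden_pw=None):
    first = make_slot(outer_pw, b"outer-volume-md.")
    # With no hidden volume the second slot is just random bytes.
    second = make_slot(hidden_pw, b"hidden-volume-md") if hidden_pw else os.urandom(SLOT)
    return first + second

def identify(password, volume):
    # Trial decryption of each slot: "main", "hidden", or "neither".
    for name, offset in (("main", 0), ("hidden", SLOT)):
        if try_slot(password, volume[offset:offset + SLOT]) is not None:
            return name
    return "neither"

if __name__ == "__main__":
    vol = build_volume(b"decoy-pass", b"real-pass")
    for pw in (b"decoy-pass", b"real-pass", b"guess"):
        print(pw.decode(), "->", identify(pw, vol))
```

A wrong password against a real hidden slot and any password against a random second slot both come back as "neither", which is the property the comment relies on.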
I've met a couple of people who actually deal with computer forensics for the police and they are seriously smart people and totally on top of their game. So while your average cop might not understand the details, they have forensics guys who certainly do.
As to proving anything, my understanding is that it is theoretically impossible to prove, but sometimes bugs in the implementation or various user mistakes mean that you can, in practice, sometimes get a good indication that something is hidden.
How is it annoying to use? You have to enter 2 passwords instead of 1... Is that it?
As for the data loss, if you only enter the first password, it will let you overwrite the space where the hidden encrypted volume is stored yes. How else would it work? If it didn't let you do this, it would be obvious that a hidden container exists...
Nah, the police can't torture you for your password. Only the evil criminals can do that. The courts can incarcerate you for not revealing a password; it is up to you the criminal to decide if the punishment for not revealing the password is more/less severe than the punishment for whatever crime you're hiding the evidence of with the password.
Edit: OK now I have found evidence to prove myself wrong. At some point in the past I thought I had read of a court case where a judge ruled that a defendant had to reveal a password. But a more recent case says otherwise: http://www.usatoday.com/tech/news/techpolicy/2008-02-07-encr...
Depending on the country, the symmetric set difference between the police and "evil criminals" is quite small.
And even then when the police can't torture you officially, they can have ways of torturing you un-officially. They can lock you up with a group of gang members who are on the un-official "payroll" of the police. They rape and torture you until you reveal the password. The case in the media will come out as "my cellmate confessed in a moment of weakness and here is the password".
Japan is unique among democratic countries in that confessions are obtained from 95% of all people arrested, and that its courts convict 99.9% of all the suspects brought before them. (...) It is how the police obtain these confessions that troubles human-rights activists. A suspect can be held for 48 hours without legal counsel or contact with the outside world. After that, he or she is turned over to the public prosecutor for another 24 hours of grilling. A judge can then grant a further ten days of detention, which can be renewed for another ten days.
I hope you weren't seriously trying to conflate the Northern Irish situation (which was more like a civil war or a war for independence) and the US military with the UK police.
That doesn't make either of those right, there is no mistake about that, but the UK police is amongst the most professional forces in the world. Not quite the RCMP but to suggest that they'd torture inmates to get a password is simply nonsense.
In the US the current rules for personal hard drives are bound by the 5th amendment which has been interpreted as "a reasonable expectation for privacy." What happens is the police say "Give us your password and we'll drop whatever sentence by 75% for helping the investigation." You don't have to give your password but the NSA works pretty extensively with law enforcement and the FBI (most US cases that require password cracks are federal cases but that's a separate issue).
Anything that ever touches an ISP is a totally separate issue though. In that case, in the US, any information stored by an ISP can be retrieved without a warrant 6 months (I'd need to confirm it's not 120 days) after the incident. Those cases fall under the interpretation of a message overheard. In 5th Amendment cases, if you say a message in a crowded room, you don't have a reasonable expectation of privacy and this is how any message on the internet is interpreted legally. There was also a court case this spring where the DoD sued an ISP to give over IP addresses sooner than the 6 month (120 days?) limit (anyone got a link?). The DoD dropped the case though.
Do you think the NSA is going to reveal to foreign governments that they've broken AES by going after some guy with child porn on his laptop? I personally doubt it.
Could the NSA cooperate with the FBI? Yes. Will they? Not if it means they can't spy on Russia anymore.
They could just provide the password without divulging how they did it. The best way would be for them to get the drive; if they crack the password, and the password looks like it could have been guessed or generated from some contextual info about the subject or the case, then they return it to the police. If they do crack it but the password is actually a random string and disclosing it would betray NSA's abilities, then they simply refuse to disclose it.
On the other hand maybe it would be better to create disinformation that they have cracked all kinds of ciphers or at least their popular implementations? Maybe it will lead enemies to try to implement their own or use alternate implementations that are actually less secure. This will be similar to the Air Force's disinformation related to captured UFO tech in the 50s and 60s...
It has nothing to do with holes in AES, NSA just has better brute force capabilities than the FBI or any other law enforcement. And while you sit in jail awaiting trial, they take the months it takes to brute force a key.
"Breaking AES" is not at all necessary. All it takes is one implementation hole, or some plaintext unknowingly cached by a program.
The NSA don't merely employ scores of cryptanalysts to sit around all day to try to break ciphers (though I expect they do this too). Exploiting mistakes is their bread and butter.
Or maybe they already have this?