Re: Encrypted files and the 5th amendment

[夜神 岩男 <supergiantpotato () yahoo co jp>]

On Wed, 2011-07-13 at 00:45 +0200, Ferenc Kovacs wrote:
> On Wed, Jul 13, 2011 at 12:39 AM, Tim <tim-security () sentinelchicken org> wrote:
> > > Actually, there is no way to tell if the there is another encrypted
> > > volume in existence or not.  One might stipulate that there "could" be
> > > if the filesize is obvious, but when you get into gig size files that
> > > are storing small amounts of data, that argument loses value.
> >
> > Well, yes, if you are trying to hide small amounts of data, then there
> > are many ways to do it with plausible deniability.  I thought you were
> > talking about booting entire separate OSes based on boot-time
> > password.  Would be hard to hide that amount of data without at least
> > raising suspicion to a determined investigator.
> >
> > Then again, many investigators are not determined.  Keep the partition
> > small, put it inside another encrypted partition, maybe they'll miss
> > it.
>
> check out the link in the last mail, seems to be what you are looking after.
> http://www.truecrypt.org/docs/?s=hidden-volume
> http://www.truecrypt.org/docs/?s=hidden-operating-system

Don't forget that for "hidden" partitions (essentially virtual
partitions written within a giant encrypted file) to be undiscoverable a
disk must be sullied first. The "encrypted filler" is only effective if
there are truly random bits to first encrypt, or at least enough old
data being overwritten that the distinction between "used" and "unused"
space is difficult to discern.

The simple statement that "how much of the space is used is
undiscoverable" is, as a blanket statement, wrong. In most cases we
encountered (sorry for the ambiguity here, but it will remain) subjects
had used new, high capacity disks which had never been written to to
store their encrypted partitions. It was fairly clear which parts were
written to and which weren't, so determining volume sizes was possible.
This is because making any significantly large data field appear truly
random is almost impossible when starting from actual zero, and TruCrypt
does not have the magic answer to this (nor does LUKS or anything else
-- actual old use data is a lot more random than zero in all cases).

http://opensource.dyc.edu/random-vs-encrypted

/*
Anyway, there are deep reasons why the 4th Amendment can be trusted a
lot more than the paranoid fear. That doesn't mean that these
discussions about civil liberty should not be made increasingly loud and
public, however. Unfortunately our freedoms are intimately tied to our
market freedoms, and Americans are having dangerously uninformed public
discussions about economics (without realizing they are discussing
economics) in the form of tariff, social welfare, fiscal trade
regulation and immigration debate. It is these form of debate in the
interest of the "greater/public good" that will lead to us losing our
privacy and freedom. It is not plausible that a creepy "They" of the
Dark-Cabal-That-Controls-Everything variety will arrive suddenly on the
scene and trample the Constitution. The path to the loss of freedom is
very subtle, indirect and decorated with the lingua gloria of freedom,
justice and free bags of money for all.

Links to concrete (not paranoid) discussion of such issues:
http://zxq9.com/archives/398
http://zxq9.com/archives/461
http://zxq9.com/archives/423
http://zxq9.com/archives/393

I mention this only as it relates to personal encryption being more of a
social issue relating to economic and political freedom and the right to
privacy than a technical one.
*/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/