There are a number of good ways to breach modern cryptography without torture. They include:
Van Eck (Tempest) monitoring. Sodium pentathol & its more modern cousins. Bribery. Blackmail.
Adam Shostack adam@bwh.harvard.edu
Much more likely: * Diskettes left lying around. Secret keys on home computers. * Incompletely erased files. (Norton Utilities can recover erased files; mil-grade multiple-pass erasure may be needed.) A simple search warrant executed on your premises will usually crack open all your crypto secrets. (Fixes to this are left as an exercise.) Where to store one's secret key is an issue that makes academic the issue of whether one's key can be compelled. A diskette stored at one's home, in one's briefcase, etc., can be gotten. A pendant or dongle or whatever that stores the key can also be gotten. The passphrase (8-12 characters, typically) is secure, but not the key. --Tim May -- .......................................................................... Timothy C. May | Crypto Anarchy: encryption, digital money, tcmay@netcom.com | anonymous networks, digital pseudonyms, zero 408-688-5409 | knowledge, reputations, information markets, W.A.S.T.E.: Aptos, CA | black markets, collapse of governments. Higher Power: 2^859433 | Public Key: PGP and MailSafe available. "National borders are just speed bumps on the information superhighway."