[cryptography] US Appeals Court upholds right not to decrypt a drive

James A. Donald jamesd at echeque.com
Fri Feb 24 17:43:03 PST 2012


Truecrypt supports an inner and outer encrypted volume, encryption hidden 
inside encryption, the intended usage being that you reveal the outer 
encrypted volume, and refuse to admit the existence of the inner hidden 
volume.

To summarize the judgment:  Plausibile deniability, or even not very  
plausible deniability, means you don't have to produce the key for the  
inner volume.  The government first has to *prove* that the inner volume  
exists, and contains something hot.  Only then can it demand the key for  
the inner volume.

Defendant revealed, or forensics discovered, the outer volume, which was  
completely empty.  (Bad idea - you should have something there for  
plausible deniability, such as legal but mildly embarrassing pornography, 
and a complete operating system for managing your private business 
documents, protected by a password that forensics can crack with a 
dictionary attack)

Forensics felt that with FIVE TERABYTES of seemingly empty truecrypt  
drives, there had to be an inner volume, but a strong odor of rat is no  
substitute for proof.

(Does there exist FIVE TERABYTES of child pornography in the entire world?)

Despite forensics suspicions, no one, except the defendant, knows whether 
there is an inner volume or not, and so the Judge invoked the following 
precedent.

http://www.ca11.uscourts.gov/opinions/ops/201112268.pdf

That producing the key is protected if "conceding the existence,  
possession, and control of the documents tended to incriminate" the  
defendant.

The Judge concluded that in order to compel production of the key, the  
government has to first prove that specific identified documents exist,  
and are in the possession and control of the defendant, for example the  
government would have to prove that the encrypted inner volume existed,  
was controlled by the defendant, and that he had stored on it a movie  
called "Lolita does LA", which the police department wanted to watch.




_______________________________________________
cryptography mailing list
cryptography at randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE





More information about the cypherpunks-legacy mailing list