[cryptography] US Appeals Court upholds right not to decrypt a drive

Jon Callas jon at callas.org
Sat Feb 25 02:50:39 EST 2012


On Feb 24, 2012, at 5:43 PM, James A. Donald wrote:

> Truecrypt supports an inner and outer encrypted volume, encryption hidden inside encryption, the intended usage being that you reveal the outer encrypted volume, and refuse to admit the existence of the inner hidden volume.
> 
> To summarize the judgment:  Plausibile deniability, or even not very plausible deniability, means you don't have to produce the key for the inner volume.  The government first has to *prove* that the inner volume exists, and contains something hot.  Only then can it demand the key for the inner volume.
> 
> Defendant revealed, or forensics discovered, the outer volume, which was completely empty.  (Bad idea - you should have something there for plausible deniability, such as legal but mildly embarrassing pornography, and a complete operating system for managing your private business documents, protected by a password that forensics can crack with a dictionary attack)
> 
> Forensics felt that with FIVE TERABYTES of seemingly empty truecrypt drives, there had to be an inner volume, but a strong odor of rat is no substitute for proof.
> 
> (Does there exist FIVE TERABYTES of child pornography in the entire world?)
> 
> Despite forensics suspicions, no one, except the defendant, knows whether there is an inner volume or not, and so the Judge invoked the following precedent.
> 
> http://www.ca11.uscourts.gov/opinions/ops/201112268.pdf
> 
> That producing the key is protected if "conceding the existence, possession, and control of the documents tended to incriminate" the defendant.
> 
> The Judge concluded that in order to compel production of the key, the government has to first prove that specific identified documents exist, and are in the possession and control of the defendant, for example the government would have to prove that the encrypted inner volume existed, was controlled by the defendant, and that he had stored on it a movie called "Lolita does LA", which the police department wanted to watch.

There is no such thing as plausible deniability in a legal context.

Plausible deniability is a term that comes from conspiracy theorists (and like many things contains a kernel of truth) to describe a political technique where everyone knows what happened but the people who did it just assert that it can't be proven, along with a wink and a nudge.

But to get to the specifics here, I've spoken to law enforcement and border control people in a country that is not the US, who told me that yeah, they know all about TrueCrypt and their assumption is that *everyone* who has TrueCrypt has a hidden volume and if they find TrueCrypt they just get straight to getting the second password. They said, "We know about that trick, and we're not stupid."

I asked them about the case where someone has TrueCrypt but doesn't have a hidden volume, what would happen to someone doesn't have one? Their response was, "Why would you do a dumb thing like that? The whole point of TrueCrypt is to have a hidden volume, and I suppose if you don't have one, you'll be sitting in a room by yourself for a long time. We're not *stupid*."

	Jon





More information about the cryptography mailing list