[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Stealth PGP and OTPs for Plausible Deniability

To: [email protected], [email protected]
Subject: Stealth PGP and OTPs for Plausible Deniability
From: Tim May <[email protected]>
Date: Wed, 21 May 1997 09:38:07 -0800
In-Reply-To: <[email protected]>
Sender: [email protected]

At 7:58 AM -0800 5/21/97, Steffen Zahn wrote:
>On Thu, 15 Jul 1993, Allan Thompson wrote:
>
>>         Would it be possible for a court to subpeona a encrypted file or
>>key,
>> and order you to tell them the key ?
>> If you didn't would you be held in 'contempt of court' ?
>
>How about claiming that you used a OTP and then revealing the key?
>Or should I say a key?
>

Making a claim and having it be plausible are entirely different things. In
the case of PGP, or S/MIME, or whatever, the form is entirely different
from what a one time pad would generate.

A so-called "stealth" form of PGP (etc.), which would not contain headers
or other indications of it being PGP, version, etc., would be a better
candidate for this.

(Efforts to build such stealth versions have languished...I spoke to some
PGP, Incorporated folks at a recent Cypherpunks meeting about this, and
they confirmed that this is a very low, or even negative priority. As their
mission is now to meet corporate needs, and to get generate sales to
government agencies, and to work with Key Recovery and Children's Security
Alliance, introducing a "plausible deniability" version of PGP is not
desirable for them.)

A stealth version that automatically generated a "pad" that was innocuous
would be easy enough to write. Just XOR the stealthed PGP block with
something like "I'm thinking of travelling to Germany this summer...any
ideas about what I should see? blah blah blah"

Then any search warrant turns up the XORed version (the pad), which when
XORed with the message the authorities want to decrypt yields the innocuous
message above.

Probably any stealthy versions of PGP or S/MIME would best be handled
outside of PGP or other vendors...just modify their source code and
distribute the stealthy versions.

--Tim May

There's something wrong when I'm a felon under an increasing number of laws.
Only one response to the key grabbers is warranted: "Death to Tyrants!"
---------:---------:---------:---------:---------:---------:---------:----
Timothy C. May              | Crypto Anarchy: encryption, digital money,
[email protected]  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^1398269     | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."

Follow-Ups:
- Re: Stealth PGP and OTPs for Plausible Deniability
  - From: "Willaim H. Geiger III" <[email protected]>
- Re: Stealth PGP and OTPs for Plausible Deniability
  - From: Adam Back <[email protected]>

References:
- Re: encryption laws
  - From: Steffen Zahn <[email protected]>

Prev by Date: Re: Wine Politics Again!
Next by Date: Re: Why I think Jim Bell is getting railroaded
Prev by thread: Re: encryption laws
Next by thread: Re: Stealth PGP and OTPs for Plausible Deniability
Index(es):
- Date
- Thread