[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Deniable Cryptography [was winnowing, chaffing etc]



-----BEGIN PGP SIGNED MESSAGE-----

On Sat, 28 Mar 1998, Brian B. Riley wrote:
>  The whole point is that since such a system offers no way to verify
> that Alice has indeed at any point given them 'everything' she has to
> tell, they will keep beating Alice; Alice, recognizing this at the
> outset has no reason to give them anything because she knows that since
> she cannot prove she has given them everything they will beat her again
> and again no matter what she does.

She has a reason to tell them as much as she can. When she tells them a
key that yields meaningful data, they stop beating her for the day.
At some point she will give away all the keys that yield innocuous or
less important data. Then she will say "I dont have anything else."
Which the bad guys figure she is going to say at some point anyhow, and
they keep beating her no matter what, as we agree they will probably do.

At some point, she will give up that most important key just to escape
the day's beating, or to get the knife removed from her hand.. If the
attackers are smart, they would leave her alone for varying amounts of
time, so that at any point the key that she gives might buy her a month
or more of pain-free existence. Maybe more.

If I were a bad guy, I'd opt for letting her live well for a few years,
and then one day we start the beatings again, as often as possible (short
of killing her). At some point, she'll say "The only key that I have left
is the most important one. If I give it up, maybe I'll get another 2 years
of the good life."

She would know that I would never let her go, and she would know that
the beatings would continue for the rest of her life. It simply becomes
a matter of how much pain-free time she gives herself. 

If the attacker beat her every second of every day, no matter if she
gives a key or not, then you are right. I suspect everyone would keep
their mouth shut out of spite, if nothing else. 

But if the key she gives yields meaningful data, then the tables
change really quickly.

There is another point to realize, there is a point where you simply
stop acting reasonably because of the pain and suffering.. and once
reason is out the window, expecting Alice to hold on to the keys because
she is screwed either way is a gamble. Sure, the scheme works when we
are being reasonable, but when you get the side of your head smashed
it, reasonableness is one of the first things to leave you.

This is why I think that pursuing a biological form of authentication
could be so useful. It could potentially make beating the person 
prolong the time needed to get the information. If the bioauthentication
system could take biofeedback from feelings like intimidation or anxiety,
and use these to alter the resulting "key" output, then it would actually
behoove the attackers to give Alice a nice comfy bed and 3 squares a day.

	"Sometimes," she said, "they threaten you with something --
	something that you can't stand up to, can't even think about."
	...
	"Under the spreading chestnut tree
	I sold you and you sold me -"
						- Julia, and a portion of
						  a song from "1984"

Michael J. Graffam ([email protected])
http://www.mhv.net/~mgraffam -- Philosophy, Religion, Computers, Crypto, etc
Let your life be a counter-friction to stop the machine.
				Henry David Thoreau "Civil Disobedience"

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 5.0i for non-commercial use
Charset: noconv

iQCVAwUBNR2gXAKEiLNUxnAfAQEpLwP9HUO8wGOGp6u7iSLcvzbB71m2BGgK1z7r
5ODfaIO4dLMwvUG8MPV6JedYDODVL+l6Ea7U8pKR/oO6fTV9Y2UhW8jSJunbgQ83
mIEAaZPCVpJxUELVBfpuQAkGIITOGiGjrmozlojH+l8x/AW0t3xyFQG/wvRwxBSO
Z+EHWifLb38=
=pbuj
-----END PGP SIGNATURE-----