From: Mike Ingle <MIKEINGLE@delphi.com>
Date: Sat, 25 Dec 93 04:46:43 PST
To: cypherpunks@toad.com
Subject: Reveal your key or else.
Message-ID: <01H6VSCFJJGY938ZZT@delphi.com>
MIME-Version: 1.0
Content-Type: text/plain


Since the Canadian case, there's been a lot of talk about the problem
of being coerced to reveal your key. If the coercers play by no rules
whatsoever, there isn't much you can do. If they suspect you of having
encrypted data, they will beat it out of you. If they do play by some
sort of rules, a technical solution might save you.

Steganography can hide your data, but then you have the steg program
itself. If they find the program, they have reasonable grounds for
assuming you have hidden data, particularly if you have large
quantities of the sort of data which can conceal files, such as
sounds and graphics. So what you need is the ability to hide both
the "real" secret data and some decoy data at the same time.
This could be done using something like MD5 as a random number
generator. Suppose in the near future you have some type of
storage device which can hold a few gigabytes. You record some
audio off the radio, deliberately choosing a noisy station, and
store it on your drive. Now there is no digital master to compare
it against, and the least significant few bits are pure noise.
Now just take a passphrase, append a 32-bit counter, and start
counting and taking MD5's. For each one, you get 16 bytes of
pseudorandom data, which is reproducible only if you have the
passphrase. Use each four bytes as a pointer into your sound file,
storing one bit of the hidden data in the lsb of that location.
This would be such a good transposition cipher that you might not
even have to encrypt the hidden data first. You can use two pass-
phrases to hide two different files in the same sound file. There
is always the possibility of a collision - both passphrases write
to the same bit - so you will need an error correction code. Now
when they demand your passphrase, you give it to them. And they
find something - bogus personal letters, financial records, some
mildly indecent .GIF's, pirate software, anything that is worth  
hiding, but not prosecutable. Of course, there is another passphrase
which unlocks the real data, but you don't tell them about that
one, and they have no way to prove it exists.

Unlike Secure Drive, this could not work in real time. You would
need enough memory to dump the steg data into a RAM disk, work with
it, and then re-write it into the hidden file. But it could be done,
and if the courts rule that you have to hand over your keys or rot
in jail until you do, it may be our only recourse.

--- Mike
There are no good governments. There are bad governments, and worse
governments, and really horrible governments, but no good ones.