From: "Deranged Mutant" <WlkngOwl@unix.asb.com>
Date: Sat, 20 Jul 1996 21:24:55 +0800
To: Adam Back <aba@atlas.ex.ac.uk>
Subject: Re: Opiated file systems
Message-ID: <199607191718.NAA04087@unix.asb.com>
MIME-Version: 1.0
Content-Type: text/plain


On 18 Jul 96 at 11:01, Adam Back wrote:

> For plausibility it would probably be best if very few people used the
> duress key feature.

And how can you guarantee that?  Also: an attacker doesn't care about 
what percentage of (other) users use duress feature of not.  His 
concern is whether you use it.

Note that you'd have to be careful of what you say and do over email 
in the clear (or encrypted to someone cooperating with an attacker): 
if you post an excerpt of source code or maybe somehting like 
Edupage, or if you save mail, there might be reason enough for the 
attacker to expect to see some of that on your encrypted fs after 
he's rubber-hosed your key from you.  If he doesn't, and he knows you 
have a possibility of using the duress-key feature...

Oh yeah. Psychology is a good way of determining the likelihood of 
using a duress system.  

With the extra work and overhead of a duress system, you're better 
off using stego on some gifs or graphics files.

Rob
 
---
No-frills sig.
Befriend my mail filter by sending a message with the subject "send help"
Key-ID: 5D3F2E99 1996/04/22 wlkngowl@unix.asb.com (root@magneto)
        AB1F4831 1993/05/10 Deranged Mutant <wlkngowl@unix.asb.com>
Send a message with the subject "send pgp-key" for a copy of my key.