1996-10-08 - Re: You can be forced to turn over your encryption keys?

Header Data

From: jim bell <jimbell@pacifier.com>
To: “Timothy C. May” <cypherpunks@toad.com
Message Hash: 9531ca4d1e7bfb05fbe22915c15b64e90464d086b93580c49eb0aa51eb07ebd6
Message ID: <199610072024.NAA07290@mail.pacifier.com>
Reply To: N/A
UTC Datetime: 1996-10-08 01:41:41 UTC
Raw Date: Tue, 8 Oct 1996 09:41:41 +0800

Raw message

From: jim bell <jimbell@pacifier.com>
Date: Tue, 8 Oct 1996 09:41:41 +0800
To: "Timothy C. May" <cypherpunks@toad.com
Subject: Re: You can be forced to turn over your encryption keys?
Message-ID: <199610072024.NAA07290@mail.pacifier.com>
MIME-Version: 1.0
Content-Type: text/plain


At 10:17 AM 10/7/96 -0800, Timothy C. May wrote:
>At 10:33 AM -0400 10/7/96, Geoffrey C. Grabow wrote:
>>I thought we had a 5th amendment.  Isn't turning over your key that may (or
>>may not) expose encriminating evidence an extension of self-encrimination?
>>Haven't there been dozens of famous witnesses (Patty Hurst, Oliver North,
>>etc) that "take the 5th" dozens of times on the stand.  Why couldn't I
>>"take the 5th" when asked for my encryption keys?  When asked for your key,
>>can't you say: "I'm sorry your honor, but I respectfully refuse to answer
>>that question on the grounds that it may incriminate me.".

>Though IANAL, I know of many, many discussions of this question. So far as
>I know, it remains one of The Great Unresolved Questions.
  

I think that there was an idea that appeared in the last few months around 
here, which took advantage of the fact that a one-time pad makes all 
decrypts equally likely.  If the cops sieze an apparently-encrypted file and 
they insist on the key, just ask them to give you the file back (although 
presumably you already had it) and present them with the OTP, revealing the 
fact (surprise!!!) that the thing decrypts to (for just one example) the 
first "N" bytes of the King James Bible, or the Cybernomicon, or "War and 
Peace" or the stock exchange results for August 1, 1989, etc...

This suggests that there is a reason to have a program which uses OTP 
techniques but generates files which "look like" valid PGP output. The judge 
can't force you to reveal what you don't know, but more importantly if you 
give him a "key" that might be the correct one, and assuming it is 
impossible to prove that it wasn't the correct key, then it would be 
somewhat pointless and certainly unjustified for him to continue to insist 
on providing yet another key.






Jim Bell
jimbell@pacifier.com





Thread