1998-03-30 - Re: Deniable Cryptography [was winnowing, chaffing etc]

Header Data

From: Nimrod Zimerman <zimerman@earthling.net>
To: cypherpunks@toad.com
Message Hash: 9e04e36911e2dde01e3acbcd71067fa9b850443d0a398b9ea2072a371b843ba4
Message ID: <19980330220847.28943@hexagon>
Reply To: <wxu38jfgiy.fsf@polysynaptic.iq.org>
UTC Datetime: 1998-03-30 19:09:13 UTC
Raw Date: Mon, 30 Mar 1998 11:09:13 -0800 (PST)

Raw message

From: Nimrod Zimerman <zimerman@earthling.net>
Date: Mon, 30 Mar 1998 11:09:13 -0800 (PST)
To: cypherpunks@toad.com
Subject: Re: Deniable Cryptography [was winnowing, chaffing etc]
In-Reply-To: <wxu38jfgiy.fsf@polysynaptic.iq.org>
Message-ID: <19980330220847.28943@hexagon>
MIME-Version: 1.0
Content-Type: text/plain


On Sat, Mar 28, 1998 at 05:53:36PM -0500, mgraffam@mhv.net wrote:

> I've never really fully understood this assumption. It seems to me
> that any person or group that would beat a person isn't going to
> care much if Alice cooperated or not. 
> 
> All things considered, a group with enough power to grab Alice and
> beat her probably has ways to escape punishment from the law, or
> doesn't care about the law in the first place. 

Generally speaking, you bind attackers with constants (or else, most of the
cryptography we are using is pretty much useless). Why won't you bind
physical attackers with constants just as well?

The longer you are kept alive, the higher the chance you'll be released, be
it because your attackers run out of resources, suddenly feel guilty, find
out the information some other way or being caught by law enforcement (or
your friendly rebel group).
If your attackers can prove they've gotten all they need from you during the
first week, you might be killed or released (this might be a political
issue, at times. Prisoners of war will generally be kept alive, for various
purposes, such as gaining some more when an agreement is signed).
If they can't, they are bound to beat you, or try various other methods -
but they won't kill you right away. This is a good thing, for most people
(others might wish to end the torture, even by being killed, but they can't
do that. Tough luck).

True, if you are kidnaped by a very large organization, like a country, you
don't stand a chance - you will either give up your secrets, and/or die 
(history generally tells us that people can't stand torture. The exceptions
are remarkable, and probably indicate a certain level of mental illness,
before or after the act <g>). Smaller organizations are bound by constants
that might eventually be in your benefit.

> down and gave them her most important secrets. Even if she can't prove
> it.. so what? The rubber-hose group isn't exactly the boy scouts. They
> beat her the next day too, this time a little harder.

Excluding external influences, if the group isn't presenting any rewards,
every logical system against them is quite useless. It doesn't matter whether
you tell the secret or avoid telling it - it makes no difference. A function
with no parameters, and hence a constant outcome.

That's why I consider dynamic secret sharing a better approach.
Make certain the attackers need to catch a group of people in order
to gain the secret, and change the partial secrets every short period of time.
This isn't always practical, of course.

> So, the only way for Alice to win is to do the impossible (because this
> is reality, not TV) and that is to grab the rubber hose and beat them
> with it.

(Alice can always fascinate her attackers with a new and exciting
cryptosystem, and while they are busy studying it, sneak behind and hit
them on the heads with a selected cryptography oriented book).

                                                   Nimrod





Thread