The private key, or a symmetric key would break the algorithm. It’s kind of the point that a person having those can read it. The public key is the one you can show people.
The purpose is to access the data. This is a bypass attack, rather than a mathematical one. It helps to remember that encryption is rarely used in the abstract. It is used as part of real world security.
There are actually methods to defend against it. The most effective is a “duress key”. This is the key you give up under duress. It will decrypt an alternative version of the file/drive, as well as potentially triggering additional safeguards. The key point is the attacker won’t know if they have the real files, and there is nothing of interest, or dummy ones.
An encryption scheme is only as strong as its weakest link. In academic terms, only the algorithm really matters. In the real world however, implementation is as important.
The human element is an element that has to be considered. Rubber hose cryptanalysis is a tongue and cheek way of acknowledging that. It also matters since some algorithms are better at assisting here. E.g. 1 time key Vs passwords.
Full disk (/partition) encryption means you don’t know what files there are until you decrypt. Additionally for that sort of encryption scenario you fill the partition with random data first so you can’t tell files from empty space (unless the attacker can watch the drive over time).
If you set it up correctly, this is essentially what it does. You have a disc that is, say, 1tb. It’s encrypted, so without a key, it’s just a bunch of random noise. 2 keys decrypt different vaults, but they each have access to the full space. The files with the proper key get revealed, but the rest just looks like noise still, no way to tell if it’s empty space or if it’s a bunch of files.
This does have an interesting effect. Since both drives share the same space, you can overfill one, and it’ll start overwriting data from the second. Say you have a 1tb drive, and 2 vaults with 400gb spent. If you then go try to write like, 300gb of data to one vault, it’ll allow you to do so, by overwriting 200gb of what the drive thinks is empty space, but is actually encrypted by another key.
Game theory would lead you, as the tortured, to realize that they’re just going to beat you until death to extract any keys you may or may not have, so the proper answer is to give them 1 and no more. You’re dead anyway, may as well actually protect what you thought was worth protecting. Giving 1 key that opens a dummy vault may get the torturers to stop at you, thinking this lead is a dead one.
Probably best to avoid systems with known deniable encryption methods, and keep your dummy data there. Then hide your secrets e.g. in deleted space on a drive, in the cloud, or a well-hidden micro-sd card. All have risks, maybe it’s best of all to not keep your secrets with you, and make sure they can’t be associated with you.
There are some cases involving plausible deniability where game theory tells you should beat the person until dead even if they give up their keys, since there might be more.
I mean, I’d definitely do it to SBF if his crap wasn’t cleaned out already. Though admittedly I’d largely keep going just because this world DESPERATELY needs fewer SBF types in it…
I’ve used a duress password with crypto containers since the old TrueCrypt introduced me to it a while back. Sure you can have the password and unlock the vault but it’s just text file notes in there that aren’t at all important. In reality though, no one would ever give a shit about my data enough to even ask me my password.
Peple misunderstand “Closed as duplicate” as an insult, when it’s just the hint to look at the provided link. If you didn’t find the answer previously, this just means there are multiple ways to express the problem, which use different words and thus don’t all find the same google result.
They also changed the wording from “closed” to “on hold” years ago, and I don’t think I’ve ever seen the people complaining about the site take any notice.
Some times the question has no semblance at all. Other times the answer has no semblance at all. Some times there’s no answer at all. And obviously, modern SO is full of people that will just post a ridiculously incorrect answer. There is a wide variety of possibilities!
I remember being very surprised as a I followed one of those links and got the answer I needed. But I don’t remember exactly when.
That’s fair, but if you edit the question to explain how it’s different (without which, how could anyone even answer your question?), it can be (and often is) reopened.
Yeah this is one of the main reasons why Stackoverflow’s question closing policies are bullshit. We’re going to close the question so nobody can answer it… but they can still upvote it and it will still be ranked highly on Google!
Bunch of idiots.
You know the SO Devs actually tried to improve this a while ago - I think you would be able to reopen your question once or something. Of course the power-hungry mods hated that idea and the abandoned it.
At this point it’s unfixable. They depend on their unpaid mods and they’ve already attracted the sort of people you absolutely don’t want to moderate a site.
The only hack I’ve found is that if your question gets downvoted/closed you are allowed to delete it, wait half an hour and ask it again. Much better odds of success than editing the question.
You can’t. The kinds of people who are nominated are the wrong kinds of people. I’ve participated in many SO elections and none of the candidates ever mention any of these issues.
programmer_humor
Hot
This magazine is from a federated server and may be incomplete. Browse more on the original instance.