Plausible Deniability in Cryptography

--Originally published at Tobi`s Blog

Let’s start with a little metaphor. Over the weekend we rented a big ass familyvan to drive into the mountains over the weekend. Stupid decisions brought us to a steep muddy path, where we messed around a lot and finally got stuck. Obviously…
Finally we rescue the van somehow, but it really looks like shit. So when we return the van to the unnamed car-rental. The guy gets biiig eyes when he looks at our van and wants to know what we did. He even orders a mechanic to check if we broke it. Big hassle.

What does that have to do with Encryption?
Well, when you’re for example crossing borders and have your encrypted harddrive with you the officer might get big eyes as well and things can get a bit complicated for you. You’ve encrypted your drive, so “obviously” you have something to hide, are lying and a terrorist. Be creative…
Some countries do have a really negative attitude towards encryption.

To come back to the van, if we’ve had cleaned it, no one would have gotten any suspicions.

So how do we achieve that with our encrypted drive?

One method is steganography. The art of hiding a file in another file. So if someone has a look over your data he will be like:

“Oh a video with 4GB”                ‘clicks on it’       the video runs                    Nothing suspicious here

There is no reason to dig deeper. But if you open it with Veracrypt you’re prompted with: “Please enter Password”.

One way to achieve this is described here:
http://keyj.emphy.de/real-steganography-with-truecrypt/

Well implemented steganography is the master’s way of plausible deniability, because there is even to closer look, no hint of an encrypted container.

Another way is to use Veracrypts hidden container in a container. The second container is

Continue reading "Plausible Deniability in Cryptography"