• MentalEdge@sopuli.xyz
      link
      fedilink
      arrow-up
      9
      ·
      10 months ago

      I know veracrypt has a form of this. You can set up two different keys, and depending on which one you use, you decrypt different data.

      So you can encrypt your stuff, and if anyone ever compels you to reveal the key, you can give the wrong key, keeping what you wanted secured, secure.

      • mojofrododojo@lemmy.world
        link
        fedilink
        English
        arrow-up
        2
        ·
        edit-2
        10 months ago

        won’t they know there are files they haven’t decrypted?

        if it could hide or delete the remaining files encrypted that would be nifty.

        • Ookami38@sh.itjust.works
          link
          fedilink
          arrow-up
          3
          ·
          edit-2
          10 months ago

          If you set it up correctly, this is essentially what it does. You have a disc that is, say, 1tb. It’s encrypted, so without a key, it’s just a bunch of random noise. 2 keys decrypt different vaults, but they each have access to the full space. The files with the proper key get revealed, but the rest just looks like noise still, no way to tell if it’s empty space or if it’s a bunch of files.

          This does have an interesting effect. Since both drives share the same space, you can overfill one, and it’ll start overwriting data from the second. Say you have a 1tb drive, and 2 vaults with 400gb spent. If you then go try to write like, 300gb of data to one vault, it’ll allow you to do so, by overwriting 200gb of what the drive thinks is empty space, but is actually encrypted by another key.

          It’s been a while since I’ve messed with this tech, and I’m mostly a layman, but this should be a fairly accurate depiction of what’s actually happening.

        • milicent_bystandr@lemm.ee
          link
          fedilink
          arrow-up
          2
          ·
          10 months ago

          Full disk (/partition) encryption means you don’t know what files there are until you decrypt. Additionally for that sort of encryption scenario you fill the partition with random data first so you can’t tell files from empty space (unless the attacker can watch the drive over time).

    • CosmicTurtle@lemmy.world
      link
      fedilink
      English
      arrow-up
      7
      ·
      10 months ago

      There was an encryption system a few years ago that offered this out of the box.

      I can’t remember the name of it but there was a huge vulnerability and basically made the software unusable.

      Crypt box or something like that.

      • perviouslyiner@lemmy.world
        link
        fedilink
        arrow-up
        4
        ·
        10 months ago

        The prominent one was called Marutukku - and the developer turned out to be someone who might actually need the feature.

    • 018118055@sopuli.xyz
      link
      fedilink
      arrow-up
      7
      ·
      10 months ago

      As referred in other comment, the counter counter is to just keep beating to get further keys/hidden data.

      • Ookami38@sh.itjust.works
        link
        fedilink
        arrow-up
        2
        ·
        10 months ago

        Game theory would lead you, as the tortured, to realize that they’re just going to beat you until death to extract any keys you may or may not have, so the proper answer is to give them 1 and no more. You’re dead anyway, may as well actually protect what you thought was worth protecting. Giving 1 key that opens a dummy vault may get the torturers to stop at you, thinking this lead is a dead one.

        • 018118055@sopuli.xyz
          link
          fedilink
          arrow-up
          1
          ·
          10 months ago

          Probably best to avoid systems with known deniable encryption methods, and keep your dummy data there. Then hide your secrets e.g. in deleted space on a drive, in the cloud, or a well-hidden micro-sd card. All have risks, maybe it’s best of all to not keep your secrets with you, and make sure they can’t be associated with you.