Hacker News new | past | comments | ask | show | jobs | submit login
Ask HN:Plausibly deniable email
7 points by dublinclontarf on April 25, 2009 | hide | past | favorite | 5 comments
I've recently been reading quite a lot about cryptography, and being the impressionable young man that I am I've become somewhat paranoid.

I've installed OpenPGP and Enigmail along with TrueCrypt.

But I have been wondering, is there a mail encryption tool that offers the same plausible deniability for email as TrueCrypt provides for encrypted volumes?

A tool that allows you to send two messages, one phoney and the other private, each to be revealed with a different password (ala hidden volume in TrueCrypt).

If no such application exists (I haven't managed to find one yet) what other steps might I take to achieve plausible deniability?




Your deniability will not be "plausible" if the two-message feature you described is in the software documentation.

At least with disk encryption, you could claim the rest of the disk is "unused". With email, your encrypted message would be twice as big as necessary for sending your "phoney" message, ... making it clear there is still a "private" message in there.

Besides an academic curiosity in encryption, what makes an impressionable young man paranoid these days??


I get like that, I really am impressionable. For example after watching a few zombie movies (the new ones with fast zombies, think 28 Days/Weeks later) I hear shouting & screaming on a main shopping street the first thing that comes to my mind is zombie outbreak, get ready to run.

I read The Complete Alien Omnibus, and when I would wake up at night to go to the bathroom I'd see shapes moving on the wall.

So, when I read about cryptography and the weakest link is the human part I automatically think torture. I know the chances of me or anyone I know being brought in for "questioning" is immeasurably slim but... it would quell my anxiety if I was prepared for such an eventuality, I mean I've already got a zombie plan, which works(I hope) equally well for any kind of viral outbreak.

Plain old paranoia I guess.


One could always add a random length of random bytes to the message so the size comparison method doesn't work.

This assumes that real ciphertext is indistinguishable from random data without the key.


Real cyphertext should have less Shannon entropy/higher compressability than random data, I think, unless a one-time pad was used. However, it's fully possible to create semi-random cyphertext to a set entropy, which means all your encrypted transmissions could just be filled with "sparse" or "dense" extra data to balance them out with your chosen "inconspicuous" entropy value.

Then again, I seem to recall that the cyphertext is compressed before encryption in PGP/GPG, likely in order to obviate exactly this problem. Then you would indeed just have to add white noise to the messages until their post-compression, pre-encryption filesizes match, as hopefully the encryption layer won't allow the compression ratio information to leak through.


Look into the protocol for OTR:

http://en.wikipedia.org/wiki/Off-the-Record_Messaging

It is used for plausible deniability in a secure IM conversation, but I don't see any reason it couldn't be applied to email.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: