top | item 33555390

(no title)

19870213 | 3 years ago

Would it be possible to construct a file/system encryption scheme where you have a read-write passcode and a read-only passcode? Such that when given the read-only passcode it would allow (legal/valid) searches by law enforcement, but not (easily) allow fabrication of evidence by planting incriminating files?

I suppose you could make it part of a signature scheme for files (file written by passcode X) so that your defense could point to the discrepancy in your favour.

discuss

m00x|3 years ago

Any backdoor made for law enforcement will eventually land in the hands of bad actors, and sometimes those backdoors will be used illegally by law enforcement.

oh_my_goodness|3 years ago

The proposal is kind of the opposite. It's a restricted mode intended for use by law enforcement.

feet|3 years ago

I think they mean two separate passcodes set by the user, same as a normal passcode

bheadmaster|3 years ago

Public key encryption perhaps?

Private key for encryption, public key for decryption. You give the authorities the public key, they can't plant any data with it.

HPsquared|3 years ago

Probably something involving digital signatures on all files.

megous|3 years ago

And what proves you didn't introduce the discrepancy yourself? (Since you'd benefit from it, it's quite plausible you would.)

ranguna|3 years ago

If you mount an decrypted file system from another user, doesn't that make it inheritly read only if you are not a super user?