One such solution to this kind of case is a high/low password system where an encrypted volume is created with 2 passwords, one that allows access to the real deal and one that allows access to a decoy volume with sensitive but nonincriminating data. I’m not sure if PGP can do this, but the free program TrueCrypt can.

I will immediately eat the post-it with my password.

The government doesn’t have any right to get you to confess, even if you confessed before. You don’t waive the Fifth forever by running your mouth once. For example, the government can’t call even a confessing defendant to the stand to testify.

The government may still have enough evidence to prove the case. It may be that, as usual, they’re just trying to make their job as easy as possible. When we confess, all we do is make the government’s job easier.

However, security is one of those things that are only as good as its weakest link. A secure encryption scheme is worthless if you save the password in an unencrypted file on the computer, or worse yet, leave it on a post-it note by your monitor. The FBI has successfully used warrants to install trojans and keystroke loggers to find passwords for strong encryption, which have resulted in convictions. There are quite a few methods for cryptanalysis that do not require actually attacking the algorithm.

Mark, I’m not entirely convinced that the rape analogy is, well, analogous. In essence, the suspect “confessed” to a law enforcement officer who did not record the confession, and the authorities are trying to get him to confess again.

Now, I’m not a lawyer, just some ordinary citizen who really cares about civil liberties, so I’m curious – would the border patrol officer’s testimony be good enough in court? Or would the prosecutor really have to produce the physical evidence to have a case?

And Michael – there are plenty of open-source/free implementations of Elliptical Curve Cryptography out there. Are you saying that there are proprietary algorithms that are better, or that these algorithms are not free to use without a license? That’s what always irritated me about crypto algorithms – the source should be published and peer-reviewed to ensure security, but that just makes it easy to use without a license, especially non-commercially.

What’s the company with all the IP?

SHG,

Ah, yes. Paree. I remember it well.

http://blog.simplejustice.us/2007/12/15/subpoena-quashed-for-encryption-password.aspx

Don’t be too worried about the quantum computer end-run around RSA encryption. As you know RSA is based on the extreme difficulty of factoring very large numbers which have only two factors, both themselves very large prime numbers.

There’s an algorithm for using quantum computing on this problem–Shor’s algorithm–and given we can do 4-bit quantum now, it’s a matter of engineering not theory to get further.

BUT: There’s a whole different set of computationally hard problems not yet tackled by a quantum algorithm called “Elliptical Curve Cryptography”.

One bad thing…all meaningful IP for it is tied up on one company making it difficult to do without their licence.