I hear the phrase “rubber hose decryption” thrown around a lot. The concept of rubber hose decryption is essentially that any encryption is only as strong as its password, and the password can eventually be beaten out of you (presumably with a rubber hose). The term can also be applied to other unsavory – but certainly less severe – tactics like blackmail or imprisonment. There are some potential countermeasures, but they may not be the ones you think.
Rubber Hose Decryption Countermeasures
VeraCrypt/TrueCrypt Hidden Volumes: Hidden volumes within outer “standard” encrypted volumes are sometimes touted as a way to avoid forced decryption. You give the adversary the password to the outer volume which contains some semi-sensitive information, while keeping the “good stuff” in the hidden volume. It is theoretically impossible to prove the existence of a hidden volume. In reality, the attacker could continue to apply physical force on you until you reveal the password to both. Given enough time or physical abuse, most of us would eventually give up the hidden volume. In fact, NOT having an empty hidden volume might even be counterproductive to your plight. Without it you can’t prove its non-existence and cannot make the torture stop. Taylor Hornby of Defuse Security has written about this in a very well-reasoned article (you should go read it).
VeraCrypt and TrueCrypt’s hidden volumes are effective against unsophisticated adversaries. These may (or may not) include your boss, your spouse, or your parents. It may also be effective in instances where the protected information is extremely time sensitive and you only have to hold out for a short period of time. I would never rely on a hidden volume to save me if life and liberty were at stake. So how does one protect precious data against rubber hose decryption?
Zero Knowledge: The only way to guarantee that a password is not given up during a “forced physical extraction” is pretty simple: don’t know it. There are a number of ways, both simple and complicated, that this can work in practice. All of them rely on someone else knowing the password or how to get it. An example might look something like this:
- Generate a password randomly and give it to someone else. When you need it, have them give it to you. If you and your data are captured you cannot give up the password because you truly don’t know it. This might work well in certain situations like a border crossing; change the password just before your crossing and retrieve it once you are safely on the other side. Alternatively, you could use keyfiles with the volume and not have access to those, or a hardware token like a Yubikey. A note of caution is in order, however: if you, by yourself, can retrieve the keyfiles, hardware token, or whatever, this knowledge is tantamount to knowing the password.
Of course, the zero knowledge approach to defeating rubber hose decryption ensures that you will be in it (the bad stuff) for the long haul. It is also an unworkable strategy for day-to-day use. This is mostly a theoretical exercise for most of us, but something worth thinking about.