Masking Cryptocontainers

---


In March 2015, a resident of Pennsylvania, under the alias John, suspected of possessing child pornography, was searched, which revealed no evidence of a crime; however, law enforcement seized two encrypted hard drives from him.

He was lucky: had he stored the information in plain sight, law enforcement would have easily accessed it, but instead, he simply had to forget the passwords or refuse to provide them. Like any reasonable person in his situation, John forgot the passwords, and law enforcement was unable to crack the cryptcontainers.

Everything should have been fine: in the absence of evidence, John should have been released; however, the court ruled that John must remain in custody until he complies with the court's demands – providing the correct passwords. Thus, the man cannot leave prison until he decrypts his cryptcontainers, even if he truly forgot the password.

Prior to this, John had worked in the police for 17 years, had no prior convictions, and his inability to decrypt his drives is not a crime; there is no evidence of his guilt – which is what his lawyer tried to point out; you can read more about it in English here.

No charges, other than contempt of the court's disputed decision or even inability to comply with it, have been brought against John; apparently, the right to refuse to testify against oneself in the U.S. does not apply here.

But this is not the only such example; in this chapter, we discussed similar cases in Britain. From these stories, one conclusion must be drawn: simply encrypting information is no longer enough; it is also necessary to conceal the encrypted data in such a way that proving its existence becomes impossible.