by Dedime 1833 days ago
For Irish people who wish to subvert this order, there's a handy concept in cryptography known as deniable encryption. Essentially, users (you) may convincingly deny that a plaintext version of encrypted data exists.

VeraCrypt, a source-available encryption program, supports this form of encryption, such that you can create an encryption file, say 1GB. You place a password on the "outer" volume, so that when you enter the password, it mounts the encrypted volume and it appears unencrypted. However, you also put into place an "inner" hidden volume. When you enter the password for the inner volume, it mounts a separate encrypted volume. Adversaries cannot detect this inner volume, and when they twist your arm to unlock the encrypted VeraCrypt file, you can enter the password for the outer volume, keeping the secrets of the inner volume safe.


So let's say the encrypted volume is 1GB. Let's say there's 250MB stored in the hidden volume. Can't you reveal the existence of the hidden volume by writing data to the 'outer' volume until it is full? If you can't fit 1GB of data in the 'outer' volume, doesn't that mean there must exist a hidden volume?
When mounting, you must provide the outer volume password and you may provide the inner volume password. If you mount the inner volume, you must provide the inner volume password.

If you are plausibly denying the existence of the inner volume, you mount the outer volume without the inner volume password. The driver happily overwrites the "free space" where the inner volume keeps its data. It is in fact unsafe to modify the outer volume at all without providing the inner volume password (if an inner volume exists).

[edit] VeraCrypt it seems only accepts the outer volume password when creating the hidden volume, but here's more about it: https://www.veracrypt.fr/en/Protection%20of%20Hidden%20Volum...
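A small Python model of the behaviour described above (an added example, not VeraCrypt's own code): the hidden volume lives in what the outer volume sees as free space, so an outer-only mount lets the full container be filled and silently destroys the hidden data, while a mount that also has the inner password knows the hidden region and rejects writes into it. Block size, container size, the hidden offset and the payloads are all constructed values.

```python
import os

BLOCK = 16   # constructed block size; real volumes use 512-byte sectors
SIZE = 64    # constructed container: 64 blocks


class WriteRejected(Exception):
    """Driver refuses a write that would land inside the protected hidden volume."""


def make_container(hidden_start, hidden_payload):
    """Free space is random bytes, so hidden data is indistinguishable from it.
    The hidden volume's blocks are placed at hidden_start near the end."""
    blocks = [os.urandom(BLOCK) for _ in range(SIZE)]
    for i, chunk in enumerate(hidden_payload):
        blocks[hidden_start + i] = chunk
    return blocks


def mount_outer(container, hidden_start=None):
    """Return a block writer. hidden_start is only known when the inner
    password was supplied too; without it the driver cannot protect anything."""
    def write(block_no, data):
        if hidden_start is not None and block_no >= hidden_start:
            raise WriteRejected(block_no)   # hidden-volume protection kicks in
        container[block_no] = data
    return write


def fill_outer(write, n_blocks):
    """Outer filesystem allocates from the front; returns blocks actually written."""
    for n in range(n_blocks):
        try:
            write(n, b"O" * BLOCK)
        except WriteRejected:
            return n
    return n_blocks


def hidden_intact(container, hidden_start, hidden_payload):
    return all(container[hidden_start + i] == c for i, c in enumerate(hidden_payload))


def demo(protect):
    """Fill the whole container from an outer mount; report (blocks written, hidden data intact)."""
    hidden_start, payload = 48, [b"H" * BLOCK] * 8
    c = make_container(hidden_start, payload)
    write = mount_outer(c, hidden_start if protect else None)
    return fill_outer(write, SIZE), hidden_intact(c, hidden_start, payload)
```

Filling the outer volume without protection succeeds for all 64 blocks, so nothing is revealed; the hidden data is simply gone. With protection the write is refused at the hidden boundary, which is exactly what you would not want to happen in front of an adversary.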

Great. Now they don't know when to stop twisting your arm.