[rprospero]

The bit that's never made sense to me about that is that the attacker is equally aware of this feature of TrueCrypt. Once you've given the password for the outer volume, wouldn't the attacker just keep on with the rubber hose until you've also given the password for the inner volume? Obviously, she can't prove that there is an inner volume and she might just be wasting her time. On the other hand, you can't prove that there is NOT an inner volume, so it's in the attacker's best interest to just keep up the torture until either the attacker has enough keys that the encrypted data size equals that of the entire TrueCrypt volume or you've been killed by the rubber hose.

If we believe that torture would cause me to disclose the password of a file without a hidden volume, wouldn't it be just as effective at getting me to give the password to my hidden volume?