A newspaper receives an important leak, so encrypts it then widely disseminates the encrypted leak over, say, Bittorrent as insurance against a raid confiscating the information.
A powerful adversarial agency raids the newspaper, confiscating all of its hard drives. But we assume the decryption key is not lost.
Can a sufficiently powerful adversary realistically prevent the newspaper from ever reacquiring encrypted data? At first glance, the adversary's task seems impossible -- that was the point of widely disseminating it -- but maybe it isn't. Or at least, it might not be trivial for the newspaper to reacquire the data.
There remains a vague problem of defining just how much power the adversary has: let's say the adversary acts within U.S. Constitutional law providing freedom to the press to publish, but it is otherwise illegal for anyone else (e.g. couriers, ISPs) to transport the information, so it is grounds for seizure or filtering.
As a first step, we assume the adversary has enough power over the internet to shut down all the torrent seeders of the encrypted data. It also shuts down anyone publishing the data over other public channels.
We also assume that the adversary has the ability to monitor and filter all communication channels to the newspaper, including private channels such as physical mail and couriers.
Steganography seems initially the most promising solution. However, the abstract problem is, how can two parties who have never met agree on a steganographic scheme in the presence of an adversary trying to thwart such agreement? The adversary eavesdropping on the negotiation of steganography could gain enough information to decode the steganography. Furthermore, the recipient (the newspaper) doesn't know who the sender is, and the sender will probably be taking steps to remain anonymous.
One key piece, I think, is that the original encrypted data should also include a public key with which the sender can reencrypt the data (it becomes doubly encrypted). This way, the adversary cannot easily tell if any data it intercepts is the encrypted blob it has authority to block. It also provides a way for senders to securely communicate with the newspaper.
No comments :
Post a Comment