Refusing to provide your passwords is itself a crime in the UK, not to mention obstructing an investigation and god knows what else they decide to stick you with for trying to have some privacy. I believe the idea is to threaten you with more jail time than you would receive for the crime you possibly committed.

Luckily with modern key agreement protocols the user never knew the decryption keys at all. Encryption of data at rest is another matter. We need better duress mechanisms there, and in order for those to be effective we need a big cleanup of how many applications store user data.

The term for the concept is forward secrecy, or often "perfect forward secrecy". It seems like magic to me, too, and I'll probably be reviewing the basics tonight. I couldn't begin to tell you how the trick is accomplished.

Somehow, an attacker can have your whole conversation log (encrypted), including the key exchange, and be unable to retrieve the key used, even if he has the credentials you used at the time the key was generated.

The real crux of the question may be, "How does Diffie-Hellman work?" (Well known key exchange method.)

Yes, I understand PFS, ratcheting and all that. But you're talking about stuff captured off the wire. And yes, that can be protected with PFS. Even OpenVPN does that. But I thought that we were talking about devices and stuff stored on them. Even if all transport had PFS, devices and encrypted files all have passphrases and/or secret keys.

I've been curious about one aspect every time I've seen this law mentioned.

Theoretically, let's say you use VeraCrypt or something similar to create a password-protected volume inside a big .mp4 file using steganographic techniques. A second secret password is set, which can decrypt another hidden volume which contains the actual sensitive data.

You give out the password for the first volume under duress.

Would that be enough to satisfy the law? If so, isn't it undermined?

They all know about VeraCrypt, and passwords for hidden stuff.

Yes, but the point I'm getting at is whether someone could hypothetically still be outside the law if they gave access via the first password, but the interrogators suspected (but could not prove) that a second volume existed.

They don't need to prove anything. They just imprison until you reveal the password for the hidden volume. And if there's really no hidden volume, then you're SOL.

Max tariff in the UK is 2 years, or 5 in Terrorism cases. Does anybody have any actual insight on this specific UK law, rather than guesses?

Once again, this is in context of UK law. So speculation about rubber hoses in dungeons isn't particularly relevant (luckily).

> […] a crime in the UK

I don't think somebody living outside of UK cares. The threat only wors if that person lives in UK jurisdiction. Not everybody does.

It seems to work in the US. There's a man in Philadelphia, who's been jailed for years. He's charged with contempt of court. because he claims to have forgotten the FDE key for his macOS box. Which investigators believe is loaded with child porn. And so he periodically sees the judge, who extends his sentence for contempt. There's apparently no limit under current US law.

Well, a lot of people live in EU jurisdiction. And at least until March 2019, a UK warrant can cause you to be arrested by any EU police if one of the crimes covered by the warrant is also illegal in the country where you're arrested.

How can they prove that you know the password? What would the consequences be if you legitimately forgot or didn't know the password?

Very likely, you just stay in jail until you remember. Or whatever the maximum is, if there is a maximum.

It comes down to whether a judge believes you or not.