I've red an article today about two brits convicted for refusal to decrypt their data.

It got me thinking about encryption .. Encryption, at it's core principle is somewhat like a locked safe.

On one hand, you have something of value that for whatever reason you want to keep for yourself.

On the other hand you have a secret key to access what you wanted to keep for yourself.

Encryption uses the same principle but, since we want to secure something that physically doesn't exists, something that is only data, we can remove the physical container and key from the equation.

Which means that actual the data you want to protect act as the container. The principle is quite simple, the data is scrambled until no reverse engineering is possible (well theoretically). Then you have a secret key, that is also physically inexistent that can be used to unscramble the data and make it readable again.

All this works quite well in everyday scenario and encryptions does a somewhat good job at keeping our critical data safe.

There is some ways to circumvent encryptions, however most of them aren't that much effective.

You can try to brute force it, but this more or less amount to hitting an military-grade safe with a sledgehammer until the doors magically open. It can be a .. well long process and the results aren't guaranteed..

Cracking is also theoretically possible, but your chances to actually crack or find a collision in MD5 or SHA1 are probably somewhere near the probability of getting laid with Jessica Alba.

And if you did slept with Jessica in the past 24h, well take a wild guess my friend;

0e1ba0c185356c4cfde3c3db73ef305262fab743

The most common and easiest way to crack an encryption is using what they call a "man in the middle" strategy. It basically equate to stalk your victim until you see the key, and when you do see it, you copy it. However it implies that you can A) stalk the victim and B) that the victim is accessing his encrypted data while you are looking.

Encryption are so effective at keeping our data secret, that some governments started to implement laws that force their citizen to give away their encryption keys when asked. Why the government would want to peek around your secrets ? Well there is many reasons, some legitimate, some not.

That pretty much defeat the purpose of encryption if you ask me .. the government didn't need such laws for traditional safes since they could always break the safe open with the help of a specialist.

However, it's harder to break something you can't see. But now, with those laws, they can.

And if they can, it becomes an attack vector.

Hypothetically, one of your enemy could use its connections or governments ties to coerce you to open your "virtual safe". Of course it implies the system is corrupt .. but from what I've seen since I'm in age of reading about politics .. it's legitimate to think that corruptions isn't uncommon.

If the Hells Angels bikers managed to use a governmental institution as a central intelligence agency, one can assume a lot of things.

That said, I think of an easy way to circumvent such scenario.

The encryption processes would be the same except that instead of only encrypting only your secret data, you encrypt two set of actual data. One that is really secret, and the other that isn't much secret.

Now let's say I want to encrypt a file named "password.txt". I join another file with more trivial data, let's say "grandma_secret_sauce.txt". Both files would constitute the "safe", but each of them would have their own password.

That way if one day I'm coerced by law to open my virtual safe, I just type the second password and only "grandma_secret_sauce.txt" comes out of the decryption.

As long as the secondary encrypted data is in the realm of probability, I mean as long as it looks as something that is worth the effort of encrypting .. there's no way the person who forced you to decrypt it can tell if it's the original data or not.

Not sure how this concept could be implemented nor if it would be really effective .. It juts flashed me when I've red the article from The Register..