
In the U.K. you can be convicted for not being able to decrypt data in your possession which the prosecutors think is encrypted. I.e. if I filled a hard drive with random bits and sent it to you, you could be found guilty of not knowing the decryption keys for that disk.



> if I filled a hard drive with random bits and sent it to you, you could be found guilty of not knowing the decryption keys for that disk.

Technically true but misleading. It's true in the same sense as "if I plant evidence to frame you for murder, you could be found guilty of murder". I mean, sure, but that skips over the bit where the prosecution has to prove to a jury, beyond reasonable doubt, that you did actually commit the murder. Or in this case, that the hard drive is filled with encrypted data and that you have the key to it.

In particular, the implication that if the police find some random data that they think is encrypted, you can be convicted just on the assumption that it's encrypted and that you have the key to it (unless you can prove otherwise) is false. If there's enough evidence to raise a question about whether you have the key to something that could be encrypted data, the burden of proof is on the prosecution to prove you do have the key to it (and therefore that it is encrypted data) beyond reasonable doubt: s.53(3) http://www.legislation.gov.uk/ukpga/2000/23/section/53

(to be clear I definitely do agree it's a bad law, just not for burden-of-proof-reversal reasons)


The problem with this is that proving that someone didn't forget something beyond a reasonable doubt is basically impossible. People forget stuff all the time. Especially once you throw in the stress and change in environment of a legal proceeding.

The result is that either the law has no practical effect because anybody can claim they forgot, or the courts fudge the requirement to prove that beyond a reasonable doubt in order to give the law effect, and then you put innocent people behind bars because they really did forget.


Everyone start sending your representatives encrypted thumbdrives and sd cards. Contents? A document asking for reform of this law.


Then I would XOR it with any plaintext of the same length and use the resulting "key" to satisfy my obligation under the law to enable "decryption" by the one-time pad algorithm.


That would imply you're smarter and have more power than the law, which is not the case.

They'd ask you to provide actual readable files, pictures, etc, or else would reject your "decryption".


It is true but not really relevant that they're smarter and more powerful than me. Since they don't trust me, they won't let me decrypt the disk D but will demand the key K to do it themselves. Recall K = D XOR P for some readable plaintext pictures or files, etc., I've already chosen. The "decryption" yields the perfectly readable output P = D XOR K.


Well, I read the original comment as being a: "here, K is the password, D XOR K is your results" idea -- based on that any D XOR K is technically a decryption, whether random stuff comes from the process.

If you intend K to provide "perfectly readable output", then

(1) if you actually produced the contents of D yourself to hide data, then you need to come up with some scheme so that K provides "perfectly readable output" and some alternative V provides D XOR V (or another decryption scheme) that gives you your actual secrets. I don't think it's that easy to have "perfectly readable data" on D XOR K plus have your secrets with another key. Except if you mean through steganography, but then K is not needed at all.

(2) if you were just sent a random noise drive to "frame you" then you need access to the drive to come up with a K so that D XOR K decrypts to valid data.


This is a one-time pad. Given a ciphertext D it's trivial to come up with a key K that "decrypts" D to whatever plaintext P you want (K = D XOR P). This is why one-time pads are immune to brute-force search.
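Added example, not part of the thread: a short Python sketch of the K = D XOR P relation discussed above, covering both case (1), where D is a real one-time-pad ciphertext of a secret S under pad V, and case (2), where D is random noise. The function names and the sample plaintexts are constructed for illustration.

```python
import secrets

def xor_bytes(a: bytes, b: bytes) -> bytes:
    """XOR two byte strings; a one-time pad requires equal lengths."""
    if len(a) != len(b):
        raise ValueError("one-time pad key must be exactly as long as the data")
    return bytes(x ^ y for x, y in zip(a, b))

def key_for(d: bytes, p: bytes) -> bytes:
    """K = D XOR P: the single key under which D 'decrypts' to P."""
    if len(p) > len(d):
        raise ValueError("chosen plaintext is longer than the data")
    return xor_bytes(d, p.ljust(len(d), b" "))  # pad P with spaces to len(D)

def demo() -> dict:
    # Case (1) in the thread: D really is S encrypted under a random pad V.
    s = b"constructed secret: meet at noon"   # constructed sample plaintext
    v = secrets.token_bytes(len(s))
    d = xor_bytes(s, v)
    p = b"constructed decoy: shopping list"   # constructed sample plaintext
    k = key_for(d, p)

    # Case (2): D is pure random noise that nobody ever encrypted.
    noise = secrets.token_bytes(len(p))
    k_noise = key_for(noise, p)

    return {
        "real": xor_bytes(d, v),              # D XOR V gives S
        "decoy": xor_bytes(d, k),             # D XOR K gives P
        "noise_decoy": xor_bytes(noise, k_noise),
        "keys_differ": k != v,
        "key_len_equals_data_len": len(k) == len(d),
    }

if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

Because the key must be as long as D, a "key" produced this way for a whole drive is itself the size of the drive, and nothing in D alone distinguishes V from K.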



