Legal compulsion and self-incriminating passphrase

[Caspar Bowden]

> [mailto:owner-ukcrypto@maillist.ox.ac.uk]On Behalf Of Michael Froomkin
> > I think the legal point of significance about the self-incriminating
> > passphrase example is that the passphrase is not written down, it's in
my
> > head.
>
> Alas, not.  As others have pointed out, a passphrase is not
> "testimonial", ie the fact that a statement is all or part of a passphrase
is not
> probative of its truth.

Now I'm really confused. Nicholas Bohm thinks it might hold water, David
Swarbrick thinks it doesn't depending on whether previous use of the
passphrase is something that can be searched for (although no trace of it
remains), and Michael Froomkin says no passphrase can be testimonial
(incidentally not sure if you reached the final para of my previous post. A
passphrase surely can be testimonial in the extreme case that the crime is
the sending of a piece of e-mail, and the passphrase is a - legally
binding - digital signature attesting to authorship).

I still wonder about my original citation from Sergienko
http://www.urich.edu/~jolt/v2i1/sergienko.html

"A cryptographic key need not have testimonial content. A key can be any
word, phrase, or a series of randomly chosen digits. However, one can
imagine a cryptographic key that has been given an incriminating,
testimonial content by making it a word or phrase that confesses to a crime.
Many seldom-enforced statutes[16] enable one to confess to a crime in one's
cryptographic key, thereby triggering potential criminal liability and
therefore the protection of the Fifth Amendment"

--
Caspar Bowden
Director, Foundation for Information Policy Research
Tel: +44(0)171 354 2333
Fax: +44(0)171 827 6534