Imagine the situation where you have sensitive data on your computer, and someone knocks on your door with a notice requiring you to decrypt that data for them. What precautions can be used to protect your data?
The most obvious solution is to destroy your encryption key, which makes retrieval of the data technically impossible. If the key is on a floppy-disk, keep some scissors handy. If the key is on your hard-disk, wipe it, don't just delete it.
This leaves the obvious question, how do you get the data back when you finally need it? This is where the concept of key-sharing comes in useful.
With PGP, you can create a number of key shares, so that if you take 10 floppy-disks and post them to friends to store, then you need to bring 5 of those disks together to recreate your encryption key. This stops your friends from reading the data (because they only have one part of the key, and they would need 5 parts) and it also stops the police from retrieving the key (because they have no idea who's got the shares, or how many there are)
Of course, this leaves you with a problem if your trusty government happens to find out that someone else has one of your keys. It's no long stride to figure out that it's part of a share, and to demand that you tell them about the others.
So to get around this problem, one solution would be to create and distribute these keys, but with some errors in them. You get forced to ask people for the keys back, the police reconstruct the key, and it doesn't work. You're as surprised as anyone by the technical problems, it must be a corrupted disk, and your data is safe.
Which brings us back to the problem of getting the key yourself when you need it. I suppose the best solution to this would be simply to hide some disks around the local area. If someone stumbles across one, it's useless without the other n disks. If someone takes a few disks, you can still recreate the key with a certain percentage of them. And nobody but you knows where they are hidden.
So why give key shares to your friends at all, if hiding them is a better option? The answer revolves around your legal obligations to reveal the key. Someone asks you to decrypt something, you say no, the key's been deleted. They don't believe you've not got a backup, so they force you to tell them where the backup is. Eventually after many threats, you point them towards your friends' key shares. They collect them, it doesn't work because of the errors with that key, but now they've no further reason to distrust you, because you've already given them the backup key.
If you have a key which is used for communications, it may be in your best interests to simply destroy the key without backup. With that, all proof is instantly destroyed. This should certainly be your intention if the key guards military or terrorist plans.
Many of you reading this may have a legal background, so maybe I should cover some possible legalesque strategies. So far as I can tell, the only defence is the European convention for the protection of human rights and fundamental freedoms:
"Article 8 – Right to respect for private and family life
Hence, if a government reads your emails without good reason, they infringe on your right to private correspondance, an interpretation backed by the European Parliament.
Of course, if reading your email is in the interests of the economic well-being of the country (read: if it helps the arms trade to spy on you) then you have no such defence. Similarly, the police can be very vague about just how tangentially someone needs to be connected to a criminal case before they start reading every email that person sends.
The act makes it illegal to tell anyone if your encryption key has been compromised by the police, or by a spy agency. I propose the following common-sense solution.
Of course you can't answer the question, it's illegal to do so under the RIP act. But if you don't answer the question, it becomes blindingly obvious that your key has been compromised, so your friend can get in contact with everyone to warn them.
This article is written for the UK. It relies on my interpretation of the Regulation of Investigative Powers Act, 2000, which is completely (and intentionally) unintelligible, so this is based on my best interpretation of its text. If you spot any glaring errors, please feel free to email me.
