>I hope he is correct that the information that he claims to have extracted from NSA servers cannot be extracted from him against his will, but I don't assume that to be true in the absence of evidence. That's an extraordinary claim, so it requires extraordinary evidence.
>... an extraordinary claim, so it requires extraordinary evidence,
Not.
"Normally ciphertexts decrypt to a single plaintext and hence once decrypted, the encryption user cannot claim that he encrypted a different message. Deniable encryption allows its users to decrypt the ciphertext to produce a different (innocuous but plausible) plaintext(s) and insist that it is what they encrypted. The holder of the ciphertext will not have the means to differentiate between the true plaintext, and the bogus-claim plaintext(s)."
"Secret sharing (also called secret splitting) refers to methods for distributing a secret amongst a group of participants, each of whom is allocated a share of the secret. The secret can be reconstructed only when a sufficient number, of possibly different types, of shares are combined together; individual shares are of no use on their own."
Let the shared secret be deniable-crypto plaintexts. Threshold T sharers may release plaintext_1 while ignorant of a different sharer subset intersection may release a different plaintext_n, benign or otherwise, for example.
At another level of deniability, Snowden may also not even know the current identities or nos of secret sharers participating.
>... an extraordinary claim, so it requires extraordinary evidence,
Not.
"Normally ciphertexts decrypt to a single plaintext and hence once decrypted, the encryption user cannot claim that he encrypted a different message. Deniable encryption allows its users to decrypt the ciphertext to produce a different (innocuous but plausible) plaintext(s) and insist that it is what they encrypted. The holder of the ciphertext will not have the means to differentiate between the true plaintext, and the bogus-claim plaintext(s)."
http://en.wikipedia.org/wiki/Deniable_encryption
with:
"Secret sharing (also called secret splitting) refers to methods for distributing a secret amongst a group of participants, each of whom is allocated a share of the secret. The secret can be reconstructed only when a sufficient number, of possibly different types, of shares are combined together; individual shares are of no use on their own."
http://en.wikipedia.org/wiki/Secret_sharing
Let the shared secret be deniable-crypto plaintexts. Threshold T sharers may release plaintext_1 while ignorant of a different sharer subset intersection may release a different plaintext_n, benign or otherwise, for example.
At another level of deniability, Snowden may also not even know the current identities or nos of secret sharers participating.