US government: We can jail you indefinitely for not decrypting your data

Anonymous Coward

That's concerning. So, logically there's also no way to prove that a particular encryption key wasn't actually the one used, despite it "working". I suppose the fact that the rest of the data would still be garbage might but...

It's not that easy to create a construct that will combine random data into something sensible although I must admit it's an interesting idea.

If you want plausible deniability you best use the "hidden volume" approach such as found in TrueCrypt/VeraCrypt where you create a crypto archive inside a crypto archive. You can give the key to the outer archive in which case you have effectively complied with the order (best if you include some stuff in there that is mildly controversial/salacious) - it would be up to the government to prove that more data existed inside that archive, which is where you end up with plausible deniability as it's hard to prove the existence of another archive (ergo it's hard to prove any further non-compliance).

The problem is that the bad guys know this too, and have more incentive to educate themselves than the average curious tech who's just experimenting. I understand that it's frustrating not to have the easy backdoor they so desire, but I'm getting a tad tired of the eternal assumption that the really bad guys are stupid, because they're not.
