2

I assume the United Kingdom will impose (as opposed to just talk about it) restrictions on crypto software that may be used within its borders.

Me, quite the border clown (yes, I always bring up to nine (only because I can't fit ten times 100ml plus containers into a 1000ml bag) re-sealable, see-through containers of pure tap-H2O, all of them put into a clear see-through, re-sealable plastic bag of no larger volume than 1 liter, to the airport, just to have them all individually sent through expensive-looking devices, checked for any impurities for my own safety, and only to empty all of them right after I have gotten them back from very grumpy border agents into my large mouth) and always having been a hardcore believer in the European Union and every person's unalienable right to speak freely, privately and without any government intrusion; I would like to bring a USB thumbdrive with a few megs of /dev/random, generated by Linux with the help of a hardware PRNG, or just some concatenated hotbits.

I assume I will be questioned about the contents of the USB thumbdrive and will, truthfully, state that the contents are just random bytes. Depending on the amount of humor (in this case, humour) of the border agent I will spend some snuggly time in a holding cell thereafter.

What means do I have to prove, mathematically and statistically, that my random bits are indeed just that – random bits? What attacks (NIST-tools, chi-squared test, …) might the border agency run against my random bytes to try to prove their non-randomness? What software might he use? What software should he use?

Disclaimer: I am in no way affiliated with any nation's government except casting my vote every four or five years. I might one day have to come back to this page from my snuggly holding cell. See, officer, I told you.

Christian

1 Answer

8

If anything can distinguish a blob of random data from an encryption of some (known) data (other than any intentionally added data formats, like a header or a length difference), the encryption algorithm is called broken. (This is one of the variants of the ciphertext indistinguishability criterion for ciphers.)

As there are several encryption algorithms which seem to fulfill this criterion, this means in reverse, no, you can't prove that some self-created blob of random data is really random.

A possible solution would be to have some third party generate the random data for you, and sign a confirmation that it is random. I'm not sure that there is such a service – while random.org offers random numbers (or bytes), I don't see something which can certify those. (One idea would be to store a transcript of the TLS connection by which you downloaded it, but that can also be faked.)

You can download pregenerated files from random.org – assuming random.org isn't part of your conspiracy, this should be good enough to prove you don't have encrypted data there. (But it would also be utterly useless to carry them around in your USB drive, other than to annoy the border guards.)

Another thing to keep in mind: Even if you have real random data with you (which you might previously have shared with someone else), you (or your partner) can later use this to encrypt plaintext (using a one-time-pad) to be sent over the Internet. So allowing you to bring random data into the country just opens the way for you to use encryption later.

Paŭlo Ebermann
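An added illustration of the answer's point, not code from the question or the answer: a chi-squared byte-frequency test (one of the tests the question names) run over OS random bytes, a ciphertext, and the plaintext behind it. The cipher `toy_stream_encrypt` is a stand-in built from SHA-256 for this demonstration only, the sample plaintext is constructed, and the cut-off of 400 is an assumed threshold.

```python
import hashlib
import os
from collections import Counter

# For uniform bytes the statistic has 255 degrees of freedom:
# mean 255, standard deviation about 22.6. 400 is an assumed, generous cut-off.
THRESHOLD = 400.0

def chi_squared(data: bytes) -> float:
    """Pearson chi-squared statistic of byte frequencies against uniform."""
    expected = len(data) / 256
    counts = Counter(data)
    return sum((counts.get(b, 0) - expected) ** 2 / expected for b in range(256))

def toy_stream_encrypt(key: bytes, plaintext: bytes) -> bytes:
    """Stand-in stream cipher (not a vetted one): XOR the input with a
    SHA-256(key || counter) keystream. Applying it twice decrypts."""
    out = bytearray()
    for i in range(0, len(plaintext), 32):
        block = hashlib.sha256(key + (i // 32).to_bytes(8, "big")).digest()
        out.extend(p ^ k for p, k in zip(plaintext[i:i + 32], block))
    return bytes(out)

def looks_uniform(data: bytes) -> bool:
    """True when the byte histogram is consistent with uniform random bytes."""
    return chi_squared(data) < THRESHOLD

def demo(size: int = 256 * 1024) -> dict:
    # Constructed sample plaintext, repeated to fill the buffer.
    text = b"Constructed sample plaintext, repeated to fill the buffer. "
    plaintext = (text * (size // len(text) + 1))[:size]
    samples = {
        "random": os.urandom(size),
        "ciphertext": toy_stream_encrypt(os.urandom(32), plaintext),
        "plaintext": plaintext,
    }
    return {name: looks_uniform(blob) for name, blob in samples.items()}

if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name:10s} passes uniformity test: {ok}")
```

Both the random bytes and the ciphertext pass while the plaintext fails, so a passing result says nothing about whether the blob is an encryption of something.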