1993-07-15 - Re: xor data hiding?

Header Data

From: mike@EGFABT.ORG (Mike Sherwood)
To: cypherpunks@toad.com
Message Hash: 98cacfc160ea639ff1db03211530b5836e7517d50568228c7f25cec152c96622
Message ID: <0HwP7B2w165w@EGFABT.ORG>
Reply To: <9307150536.AA03891@triton.unm.edu>
UTC Datetime: 1993-07-15 07:43:47 UTC
Raw Date: Thu, 15 Jul 93 00:43:47 PDT

Raw message

From: mike@EGFABT.ORG (Mike Sherwood)
Date: Thu, 15 Jul 93 00:43:47 PDT
To: cypherpunks@toad.com
Subject: Re: xor data hiding?
In-Reply-To: <9307150536.AA03891@triton.unm.edu>
Message-ID: <0HwP7B2w165w@EGFABT.ORG>
MIME-Version: 1.0
Content-Type: text/plain


J. Michael Diehl <mdiehl@triton.unm.edu> writes:

> Many encryption tools such as ripem, pgp, and dolphin can recognize their own
> output...which indicates that there is a footprint to that particular
> implimentation.

in this case, you're just trying to garble what people see so why not 
just xor "hello, world." /bin/csh or \command.com on top of it to avhieve 
that result.  No need for anything significant, I mean, if you xor 'X' 
over the whole thing, you've achieved the same result - after all, if 
someone wants to xor 'X' to knock that level of encryption(if I may call 
simple substitution "encryption") then it's fair to assume that the 
person knows it's cyphertext and they want the information below it, so 
that's a good place to use some decent encryption.. "congratulations, you 
have found the secret message. send the answer to old pink care of the 
funny farm" (Pink Floyd, The Wall (backmasking)) is what readily comes to 
mind when i see what you're getting at.. after all, searching a disk for 
data that fits specific patterns is one thing, figuring out that one of 
the index files for a database program with literally hundreds of 
database files and indecies (I used to work on programming such a 
database, so I know they exist and that they are a perfect hiding place 
for just about everything) is actually an encrypted file isn't a walk in 
the park.  anyway, enough babbling - hope some of it makes sense. =)
the park


--
Mike Sherwood
internet: mike@EGFABT.ORG     uucp: ...!sgiblab!egfabt!mike






Thread