1995-01-12 - Re: How do I know if its encrypted?

Header Data

From: tcmay@netcom.com (Timothy C. May)
To: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Message Hash: 0c3bed525c9774adb1a43742f92b3f35556cef232e16c40164796422cb582616
Message ID: <199501120648.WAA12523@netcom5.netcom.com>
Reply To: <ab3a75370402100421a8@[132.162.201.201]>
UTC Datetime: 1995-01-12 06:49:51 UTC
Raw Date: Wed, 11 Jan 95 22:49:51 PST

Raw message

From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 11 Jan 95 22:49:51 PST
To: jrochkin@cs.oberlin.edu (Jonathan Rochkind)
Subject: Re: How do I know if its encrypted?
In-Reply-To: <ab3a75370402100421a8@[132.162.201.201]>
Message-ID: <199501120648.WAA12523@netcom5.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Jonathan Rochkind wrote:

> The context this was being discussed in, was trying to make _plaintext_
> look like _ciphertext_. The operator of a data haven or remailer might
> hypothetically want to ensure that all text he dealt with was encrypted.
> So your method wouldn't do anything in that area.  Unless you can think of
> a way to embed plaintext in ciphertext in such a  way that it looks like
> ciphertext, and my guess is that any method that did that well would be

As I said in a recent message, there is no general way to "prove" that
a file is encrypted, only to have pretty good confidence that it is.
(This is at the core of algorithmic information theory, a la
Kolmogorov and Chaitin, goes to the heart of what is meant by
"randomness," and is linked as well to the halting problem and other
such stuff.)

I had a need to actually do what Jonathan is talking about: make a
file look like it was encrypted but actually have a simple text
message in it.

My application was an experiment to bait the line for some thought
policemen who decided that they would decide which pictures were
approprate and which were not. So, I created a plausible-looking
PGP-like file and posted it to the new group
"alt.binaries.pictures.erotica.children" and announce that an
"interesting" picture existed there.

The squeals of the net.cops were impressive to behold! Demands to
Netcom that I be expelled from the Net, that the "Child Welfare
Agents" would soon be breaking down my doors, etc. 

But, given the climate of our time (this was in July 1993) and given
the potential failure of the "It's not a _real_ file" defense, I
protected myself in any easy way, but running an English message down
the diagonal, saying something like "This is not a real encrypted file," etc.
Even a lawyer would have to admit that no real encrypted file could
have English emerging randomly. Entropy, and all that.

So, this was an ostensibly encrypted file which contained unencrypted
text. It would very likely have passed any tests for "randomness"
and hence would have been passed by any "encrypted only" filters. (The
English text was a tiny fraction of the entire file, so the deviation
from near-maximal entropy would likely go undetected. Fluctuations
would be larger, depending on file size.)

Nobody spotted the message. After several days, I "let the truth be
told," which of course enraged others. 

I though this digression might be amusing to some.

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay






Thread