1995-07-16 - Stego Standards Silly ? (

Header Data

From: monty.harder@famend.com (MONTY HARDER)
To: CYPHERPUNKS@toad.com
Message Hash: 7e17da28a934056b93821ac7fbb5c20bf624fdd1a629ef7dc75d738112b531cf
Message ID: <8AD5238.000300015F.uuout@famend.com>
Reply To: N/A
UTC Datetime: 1995-07-16 16:04:04 UTC
Raw Date: Sun, 16 Jul 95 09:04:04 PDT

Raw message

From: monty.harder@famend.com (MONTY HARDER)
Date: Sun, 16 Jul 95 09:04:04 PDT
To: CYPHERPUNKS@toad.com
Subject: Stego Standards Silly ? (
Message-ID: <8AD5238.000300015F.uuout@famend.com>
MIME-Version: 1.0
Content-Type: text/plain


LM> The standard answer to agent-in-the-middle tampering is of
LM> course digital signatures. Now, the question is, will we be allowed to sign
LM> our possibly-stego-enclosing GIFs with reasonable confidence that the govt.
LM> can't forge our signatures ? Obviously the signature itself can't be
LM> stegoed, or else we fall into an infinite regress.

  Not obvious at all. You encrypt and sign as usual, stego the resultant
output, and perhaps include in the stego routines some kind of CRC or
hash if you like. But the point is that the signature still works to
indicate whether the message was tampered with or not.

  If we posit a MITM, he can tamper with cyphertext =or= stegotext, but
he can't defeat the signature. I would recieve a GIF which my stego
software would turn into a file that PGP would puke on, telling me that
Someone Is Messing With My Mail.

  I would not, of course, be able to reveal this fact directly. However,
I could ask my correspondent to re-send the GIF, and when it comes out
different in EVERY SINGLE LSB, I have proof of tampering.

 * Support legislation for a waiting period on taglines.......
---
 * Monster@FAmend.Com *    





Thread