1995-07-15 - Stego Standards Silly ? (Was: Re: def’n of “computer network”)

Header Data

From: lmccarth@cs.umass.edu (L. McCarthy)
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Message Hash: d5119db826f25564512517bb97ed31f11f59dfe7289ffb10ced9f7d03d82ca5e
Message ID: <9507150023.AA10363@cs.umass.edu>
Reply To: N/A
UTC Datetime: 1995-07-15 00:23:14 UTC
Raw Date: Fri, 14 Jul 95 17:23:14 PDT

Raw message

From: lmccarth@cs.umass.edu (L. McCarthy)
Date: Fri, 14 Jul 95 17:23:14 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Stego Standards Silly ? (Was: Re: def'n of "computer network")
Message-ID: <9507150023.AA10363@cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Hugh seems to have restored the full list on Majordomo, so I'll forward the
last couple of messages I sent/received yesterday that should have gone to
the whole list....

-Futplex

Forwarded message:
>From lmccarth Fri Jul 14 00:12:07 1995
Subject: Stego Standards Silly ? (Was: Re: def'n of "computer network")
To: cypherpunks@toad.com (Cypherpunks Mailing List)
In-Reply-To: <9507140229.AA13447@snark.imsi.com> from "Perry E. Metzger" at Jul 13, 95 10:29:29 pm

-----BEGIN PGP SIGNED MESSAGE-----

.pm writes:
> Indeed -- how could the recipient even know to look, unless these
> things arrived regularly and with a fully standardized form of
> stegonography, in which case why bother, all you've done is come up
> with a very odd form of transfer encoding.

I agree, but AFAICS an odd form of transfer encoding is exactly what the
doctor ordered. For plausible cryptodeniability, one wants to send 
ciphertext using a transfer encoding that doesn't automatically ring alarm
bells. Steganography amounts to laundering Content-Type: headers.

> If the recipient does know to look, that implies either that there is
> a hint, in which case the stegonography is useless, or it implies that
> you have prearrangement, in which case my comments on prearrangement
> hold.

If the recipient isn't getting spammed with GIFs (or whatever), she (or
rather her MDA) can simply look at all of them by default. Of course this
does not help with anonymous message pools on the order of Usenet, but that
is a sub-issue.

Deranged Mutant raised an IMHO important issue a few months ago. He suggested
that Mallet could go about trashing the purportedly "random" bits in each
instantiation of some transfer encoding used in a stego standard. For
example, he shuffles the LSBs of every passing JPEG. I'm not sure how feasible
this would really be (both technically and sociopolitically), but it
could be a big annoyance if only a few people were suspected of using stego
method XYZ. 

The standard answer to agent-in-the-middle tampering is of
course digital signatures. Now, the question is, will we be allowed to sign
our possibly-stego-enclosing GIFs with reasonable confidence that the govt.
can't forge our signatures ? Obviously the signature itself can't be
stegoed, or else we fall into an infinite regress.

 -Futplex <futplex@pseudonym.com>

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMAXuSWf7YYibNzjpAQHlpQP/f3/e5iRl67zU3TLYZH1oNBBjC1+LYPH8
VkQMhvtRdlo2xBkY56jaZ6hZuzWanknVD1EKrG72vl5sPytXXDs5dVplFlelVw6f
VjC2UxNHe0dQHmmJqXNMMq4qlC8ZxgtNf4P9O+6iJKjz6SbA7F6LuRd+3TXv5tHm
xgGSY5bzJp8=
=ia+X
-----END PGP SIGNATURE-----





Thread