1993-03-12 - [CRYPT: Dingaling Denning & random # generators]

Header Data

From: Doug Humphrey <digex@access.digex.com>
To: cypherpunks@toad.com
Message Hash: 9f7fe1422d0b49db18a1dbb8464470eb4053498d8bf4eca26cb755ac72ed2082
Message ID: <199303120223.AA11719@access.digex.com>
Reply To: N/A
UTC Datetime: 1993-03-12 02:25:01 UTC
Raw Date: Thu, 11 Mar 93 18:25:01 PST

Raw message

From: Doug Humphrey <digex@access.digex.com>
Date: Thu, 11 Mar 93 18:25:01 PST
To: cypherpunks@toad.com
Subject: [CRYPT: Dingaling Denning & random # generators]
Message-ID: <199303120223.AA11719@access.digex.com>
MIME-Version: 1.0
Content-Type: text/plain



>As I posted once to sci.crypt: encrypted communication is virtually
>interchangeable with and indistinguishable from communication itself.
>How does someone `know' that you are encrypting a message? 

This is not strictly true.  While someone might not be able to tell
that you are engaged in the act of encrypting a message, the
transmission of encrypted communications is often detectable.
Spread spectrum transmissions often look like an increase in the
noise floor of certain communications channels, prompting systems
to think that there are malfunctions, and to dispatch someone to 
take a look at the facility.  If they throw a spectrum analyser 
on it, it doesn't look like valid data in most cases, just noise.

With voice communications it is easy to recognize the patterns
that speech generates, and they look very different from the 
randomness that simple crypto produces.  Unless one uses a 
post-crypto wave shaper to simulate the amplitude changes that 
speech produces, it is simple to build a circut that can make a 
pretty accurate evaluation of voice/data/crypto going by it.
Nothing more difficult in 1993 than was the first 2600 hz
detector circut when it was put into widespread production use
in the phone network.  In fact, given that modern switches are 
already digitizing the signals, a little DSP hardware should 
make quick work of the first cut, narrowing down which lines 
should receive harder evaluation to see if people are trying to 
protect their privacy.

>To do something like have completely tappable communications, we'd need
>half the country to monitor the other half, to make sure nothing out of
>context is going on.

You under estimate some technologies ;-)

>Only problem with this is, who monitors the monitors? 

Who watches the watchmen?

>No, I don't buy that paranoid plop about how it would be "trivial" to
>set up filters that "detect" encryption, or that this is happening on a
>widespread scale by the NSA in the U.S. This is an absolutely absurd
>claim.

It would not be trivial.  On the other hand, an order allowing the 
modification of the entire telephone network to allow the FBI to 
have "most-favored-wiretapper" status is also non-trivial, and some
are trying to make it happen.

>These mechanisms could be just as trivially defeated (although
>a-priori knowledge of their function may be required).  People who
>think encryption is different from communication think that symbols are
>different than letters.  Speaking as a programmer, good luck explaining
>it to a computer.

Maybe you over-estimate technology here.  We are not talking about
breaking crypto here, just detecting it.  By its nature it changes
the overall composition of the data.  Randem data still looks random,
it is true, but a phone call represents a certain context, and 
within that context there is an expected behaviour pattern (or ten
or twenty behaviours, but it makes no difference).  Within the 
context, it can be easy to see the change that crypto brings, 
unless there are active means taken against it.

Doug





Thread