From: szabo@techbook.com (Nick Szabo)
Date: Wed, 23 Jun 93 05:59:46 PDT
To: karn@qualcomm.com (Phil Karn)
Subject: Re: Weak stenography.
In-Reply-To: <9306230815.AA25862@qualcomm.com>
Message-ID: <m0o8USx-000hwRC@techbook.techbook.com>
MIME-Version: 1.0
Content-Type: text/plain



Phil Karn:
> if they find "readdat.exe" on
> your PC, disassemble it and discover that it's a program to extract and
> decrypt ciphertext from DAT tapes, you're in trouble. And if you encrypt
> your copy of "readdat.exe", well, you now need a plaintext decryption
> program to decrypt THAT.

Perhaps some hacks (ab)used by virus writers might be useful here.
We might hide "readdat.exe" inside a larger "innocuous.exe" and
scramble it with the "mutation engine", which creates a unique signature 
for each copy of readdat.exe's code (including the engine itself, which
bootstraps from a very short common code sequence).  The result 
is they have no signature to search for, even if they already have 
a copy of "readdat.exe" and the mutation engine.

Nick Szabo				szabo@techbook.com