From: gdale@apple.com (Geoff Dale)
To: cypherpunks@toad.com
Message Hash: 11fbe74ca83377ea75640acaf37a682d26c5fd6548052f0fe9f91ad74ff234ef
Message ID: <9307190147.AA07571@apple.com>
Reply To: N/A
UTC Datetime: 1993-07-19 01:48:51 UTC
Raw Date: Sun, 18 Jul 93 18:48:51 PDT
From: gdale@apple.com (Geoff Dale)
Date: Sun, 18 Jul 93 18:48:51 PDT
To: cypherpunks@toad.com
Subject: Re: steganography
Message-ID: <9307190147.AA07571@apple.com>
MIME-Version: 1.0
Content-Type: text/plain
Bill Stewart <wcs@anchor.ho.att.com> said:
>I think Kragen's definition of "Steganographically Strong" is a bit overstrong.
>He suggests that the cyphertext should not be recognizeable by its own program,
>with no checksums or program-specific delimiters, headers, etc.
>If checksums become widely used in other data formats (e.g. MIME or whatever),
>having them used in "innocent-looking-format" is ok.
>And having a checksum that only checks out if you have the correct key
>for decrypting the file is relatively ok, assuming you use strong encryption;
>it's really no more of a giveaway than having the correctly-decrypted
>plaintext have other recognizeable format, such as all-ascii or MIME or GIF.
What you want to avoid is giving any spooks/agents the ability to:
A> Quickly scan GIFs (or whatever) on your hard disk (or .binary.
newsgroups) for files that are "likely" to be hiding something.
B> Be able to prove that you have an encrypted file. If they get that proof
they can apply pressure to you to get the key.
Anything that allows either of the above is only providing moderate security.
Return to July 1993
Return to “gdale@apple.com (Geoff Dale)”
1993-07-19 (Sun, 18 Jul 93 18:48:51 PDT) - Re: steganography - gdale@apple.com (Geoff Dale)