From: Black Unicorn <unicorn@access.digex.net>
To: cypherpunks@toad.com
Message Hash: 0c4d03c0ea1e873f333e3d104384315d28b7ed1f65ca173bbd2a62a2e124e29b
Message ID: <199403031207.AA10243@access3.digex.net>
Reply To: N/A
UTC Datetime: 1994-03-03 12:07:43 UTC
Raw Date: Thu, 3 Mar 94 04:07:43 PST
From: Black Unicorn <unicorn@access.digex.net>
Date: Thu, 3 Mar 94 04:07:43 PST
To: cypherpunks@toad.com
Subject: Re: Standard for Stenography?
Message-ID: <199403031207.AA10243@access3.digex.net>
MIME-Version: 1.0
Content-Type: text/plain
->
The reason for the "STENOGRAPHY" field is to assist your computer in
determining if this is a stenography file & that the correct key was
chosen without attempting to decrypt the whole file. I know that this
presents the possibility of a small "known plaintext attack", but a good
encryption system should stand up to such an attack. RSA can ...
can't it?
<-
The problem with your approach (I believe) is that if MY computer
can (without an attempt at desteging and decryption with the proper
key) tell the file is a stego file, then anyone can filter all
traffic and just pick out the stego files.
This of course removes half (or most) of the incentive to use
stego in the first place.
The flaw in your basic motivation is that you place processing
speed at a higher value than security.
Even if the only loss were a small known plaintext attack potential,
it still is not worth (IMHO) the security shortfall that results.
Have I misunderstood your suggestion?
-uni- (Dark)
Return to March 1994
Return to “Black Unicorn <unicorn@access.digex.net>”
1994-03-03 (Thu, 3 Mar 94 04:07:43 PST) - Re: Standard for Stenography? - Black Unicorn <unicorn@access.digex.net>