1994-03-05 - Re: Standard for Stenography?

Header Data

From: Sergey Goldgaber <sergey@delbruck.pharm.sunysb.edu>
To: Mike McNally <m5@vail.tivoli.com>
Message Hash: 3bf82cb846b6e36c3438f651e3c36fe3812a0ea2782da61466d0a0572369b72e
Message ID: <Pine.3.89.9403050138.E28008-0100000@delbruck.pharm.sunysb.edu>
Reply To: <9403041456.AA02863@vail.tivoli.com>
UTC Datetime: 1994-03-05 06:22:00 UTC
Raw Date: Fri, 4 Mar 94 22:22:00 PST

Raw message

From: Sergey Goldgaber <sergey@delbruck.pharm.sunysb.edu>
Date: Fri, 4 Mar 94 22:22:00 PST
To: Mike McNally <m5@vail.tivoli.com>
Subject: Re: Standard for Stenography?
In-Reply-To: <9403041456.AA02863@vail.tivoli.com>
Message-ID: <Pine.3.89.9403050138.E28008-0100000@delbruck.pharm.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain


On Fri, 4 Mar 1994, Mike McNally wrote:

> Maybe not, but if you've been paying attention you know of a great deal
> of theory that supports the intractability of solving certain problems
> in realistic amounts of time.  Most PK cryptosystems are based on
> relatively simple principles of mathematics.  It stretches the
> imagination to think that the NSA somehow has solved the factoring
> problem; I concede it's possible, but unlikely.

Granted.

> 
>  > The point is, that in the real world, we'll never know if our algorithms 
>  > are "good enough to withstand an opponent who has full documentation of 
>  > your algorithms and methods, lots of funds, and everything except your keys."
> 
> Depends on what you mean by "know", I guess.

know = 100% objective certainty

> 
>  > > security-by-obscurity is a naive waste of time,
>  > 
>  > I still don't see why.
> 
> Well, you can't tell when you've been compromised, 

How can you tell that you've been compromised if you stick to 
non-security-by-obscurity methods?

> and you have no
> rigorous way of demonstrating the robustness of your obscurity.

That would be difficult.  But, lack of objective measures does not mean 
that security-through-obscurity is ineffective.  BTW, there may be some 
statistics on the effectiveness of StO, somewhere.  (Anyone out there 
heard of any?)

> The real problem, however, is that you'll have a hard time convincing
> anybody else to participate.

I am not trying to convince everyone to hide their data in the same place I 
am hiding it.  Simply consider hiding it, rather than leaving it out in 
the open!  That's not too crazy a proposition, is it?


> You can hide all your valuables in a really clever place and do all
> sorts of really clever secret things to protect them, and that may
> make you feel secure.  However, you won't be able to convince me to
> entrust *my* valuables to you unless you explain to me the details of
> your techniques.

Take your encrypted data.  Stick it in a file, using a variable offset.
That's all there is to it.



Sergey
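
An added example, not part of the original message: a sketch of how an examiner could test whether encrypted data placed at a variable offset in a file stands out, using sliding-window byte entropy. The cover text, the stand-in ciphertext (SHA-256 over a counter), the offsets, window size and threshold are all constructed assumptions.

```python
import hashlib
import math
from collections import Counter

# Constructed sample data: a low-entropy text cover and a stand-in "ciphertext".
COVER = b"The quick brown fox jumps over the lazy dog. " * 200  # 9000 bytes

def pseudo_ciphertext(length, seed=b"constructed-sample"):
    """Uniform-looking bytes (SHA-256 over a counter) standing in for encrypted data."""
    blocks = (hashlib.sha256(seed + i.to_bytes(4, "big")).digest()
              for i in range(length // 32 + 1))
    return b"".join(blocks)[:length]

def embed(cover, payload, offset):
    """Overwrite part of the cover with the payload at a caller-chosen offset."""
    return cover[:offset] + payload + cover[offset + len(payload):]

def shannon_entropy(chunk):
    """Entropy in bits per byte, from 0.0 up to 8.0."""
    n = len(chunk)
    return -sum(c / n * math.log2(c / n) for c in Counter(chunk).values())

def high_entropy_span(data, window=256, step=64, threshold=6.5):
    """Return (start, end) covering every window at or above threshold, else None."""
    hits = [pos for pos in range(0, len(data) - window + 1, step)
            if shannon_entropy(data[pos:pos + window]) >= threshold]
    return (hits[0], hits[-1] + window) if hits else None

if __name__ == "__main__":
    payload = pseudo_ciphertext(1024)
    for offset in (3000, 5555):  # the "variable offset"
        span = high_entropy_span(embed(COVER, payload, offset))
        print(f"payload at {offset}-{offset + 1024}, flagged span {span}")
    print("clean cover:", high_entropy_span(COVER))
```

A cover that is already compressed or encrypted is high entropy throughout, so this particular check only separates the payload from low-entropy covers.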






