1994-03-04 - Re: Standard for Stenography?

Header Data

From: smb@research.att.com
To: Sergey Goldgaber <sergey@delbruck.pharm.sunysb.edu>
Message Hash: 971af1b06899fa3100644a4b879807b6a1c259c3bdca8db8f3f0ae1c5e473a16
Message ID: <9403040100.AA21896@toad.com>
Reply To: N/A
UTC Datetime: 1994-03-04 01:00:14 UTC
Raw Date: Thu, 3 Mar 94 17:00:14 PST

Raw message

From: smb@research.att.com
Date: Thu, 3 Mar 94 17:00:14 PST
To: Sergey Goldgaber <sergey@delbruck.pharm.sunysb.edu>
Subject: Re: Standard for Stenography?
Message-ID: <9403040100.AA21896@toad.com>
MIME-Version: 1.0
Content-Type: text/plain


	 I welcome any and all of Bill Stewart's comments on this
	 issue.  I have, since the beginning, noticed a distinct
	 dislike of "security-through-obscurity" among the senior
	 members of this and other similar lists/newsgroups.  Many
	 people preach this dislike.  Most don't seem to understand its
	 foundations fully; nevertheless, they consider it a closed
	 issue and usually don't bother to explain why.

Obscurity is certainly a help.  Attacking an unknown system is very
much harder than attacking a known one.  And everyone in the business
knows that.

However -- in the real world, as opposed to an academic exercise,
you cannot keep an algorithm secret forever.  Partners will betray
you, spies will steal copies, enemies will capture them.  Do you
trust everyone on cypherpunks?  Should you?  If your algorithm is not
strong enough to withstand an attack by an enemy who has captured
it, you're in trouble.  And although you can replace the algorithm,
it's a lot harder than changing keys -- good cryptoalgorithms take
a *lot* of work, and the details often matter a lot.  Besides, your
old traffic will then be readable.

Security through obscurity is more than a buzzword.  It's a necessity
in this business.


		--Steve Bellovin
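The trade-off Bellovin describes above, as an added example that is not part of the original message or thread: a scheme whose only secret is the algorithm (here a fixed byte-substitution table, a stand-in for any "obscure" transformation) against a public algorithm with a short, replaceable key. All messages, seeds, nonces and the HMAC-based keystream construction are assumptions made for this illustration; they are not anything the thread proposed. Python standard library only.

```python
"""Secret-algorithm cipher versus public-algorithm keyed cipher.

Constructed demonstration (not from the original thread) of the argument
that a design whose only secret is the algorithm fails once that algorithm
is captured, and cannot be cheaply re-keyed, whereas a public algorithm with
a replaceable key limits the damage of any single compromise.
Standard library only; all messages, seeds and nonces are made up here.
"""
import hashlib
import hmac
import random

# Constructed sample traffic.
OLD_MSG = b"meet at noon"              # recorded by the adversary some time ago
KNOWN_MSG = b"the meeting is at noon"  # later message whose plaintext also leaks
NEW_MSG = b"rotated key, new traffic"  # sent after a key change

# --- Scheme A: the secret *is* the algorithm (a fixed byte substitution).
def make_secret_table(seed: bytes) -> list:
    """A fixed 256-entry permutation; the table is the 'secret algorithm'."""
    table = list(range(256))
    random.Random(seed).shuffle(table)
    return table

def obscure_encrypt(table: list, plaintext: bytes) -> bytes:
    return bytes(table[b] for b in plaintext)

def recover_mapping(known_pt: bytes, known_ct: bytes) -> dict:
    """Adversary: one captured plaintext/ciphertext pair exposes the
    substitution for every byte value that occurs in it."""
    return dict(zip(known_ct, known_pt))

def read_old_traffic(mapping: dict, old_ct: bytes) -> bytes:
    """Apply the recovered substitution; still-unknown bytes print as '?'."""
    return bytes(mapping.get(c, ord("?")) for c in old_ct)

def scheme_a_attack() -> bytes:
    table = make_secret_table(b"constructed-seed")
    old_ct = obscure_encrypt(table, OLD_MSG)
    known_ct = obscure_encrypt(table, KNOWN_MSG)
    # Once the 'algorithm' leaks through a single known pair, old traffic is
    # open, and the only remedy is to design and deploy a new table everywhere.
    return read_old_traffic(recover_mapping(KNOWN_MSG, known_ct), old_ct)

# --- Scheme B: the algorithm is public; the secret is a short, replaceable key.
def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """PRF-based keystream: HMAC-SHA256(key, nonce || counter), block by block."""
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(8, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]

def keyed_encrypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """XOR with the keystream; decryption is the same operation."""
    return bytes(d ^ k for d, k in zip(data, keystream(key, nonce, len(data))))

def scheme_b_attack() -> dict:
    key1 = hashlib.sha256(b"session key 1").digest()  # constructed keys
    key2 = hashlib.sha256(b"session key 2").digest()
    old_ct = keyed_encrypt(key1, b"nonce-0001", OLD_MSG)
    known_ct = keyed_encrypt(key1, b"nonce-0002", KNOWN_MSG)
    # Adversary knows the algorithm completely and holds the same known pair;
    # that yields only the keystream for nonce-0002, useless against nonce-0001.
    leaked_ks = bytes(p ^ c for p, c in zip(KNOWN_MSG, known_ct))
    guess_old = bytes(c ^ k for c, k in zip(old_ct, leaked_ks))
    # Key rotation: even full compromise of key1 does not reach later traffic.
    new_ct = keyed_encrypt(key2, b"nonce-0001", NEW_MSG)
    return {
        "algorithm_plus_pair_reads_old": guess_old == OLD_MSG,
        "old_key_reads_new": keyed_encrypt(key1, b"nonce-0001", new_ct) == NEW_MSG,
        "right_key_reads_new": keyed_encrypt(key2, b"nonce-0001", new_ct) == NEW_MSG,
    }

if __name__ == "__main__":
    print(scheme_a_attack())   # b'meet at noon'
    print(scheme_b_attack())   # {'algorithm_plus_pair_reads_old': False, 'old_key_reads_new': False, 'right_key_reads_new': True}
```

Scheme A is what "security through obscurity" buys once the obscurity is gone: one betrayed or captured pair reads everything ever sent, and recovery means a new algorithm rolled out to every party. Scheme B survives complete knowledge of the algorithm, and the cost of a compromised key is bounded by how often keys are rotated.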





Thread