1995-01-12 - Re: How do I know if its encrypted?

Header Data

From: tcmay@netcom.com (Timothy C. May)
To: marko@millcomm.com (Mark Oeltjenbruns)
Message Hash: af9161e1e09c5eed11d80c0a333e40be155bbb21d5903a73f57df2fcfb2f3f42
Message ID: <199501120337.TAA13574@netcom6.netcom.com>
Reply To: <m0rSFsb-000kfuC@mill2.millcomm.com>
UTC Datetime: 1995-01-12 03:55:31 UTC
Raw Date: Wed, 11 Jan 95 19:55:31 PST

Raw message

From: tcmay@netcom.com (Timothy C. May)
Date: Wed, 11 Jan 95 19:55:31 PST
To: marko@millcomm.com (Mark Oeltjenbruns)
Subject: Re: How do I know if its encrypted?
In-Reply-To: <m0rSFsb-000kfuC@mill2.millcomm.com>
Message-ID: <199501120337.TAA13574@netcom6.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain


Mark Oeltjenbruns wrote:

>         I keep seeing the idea that to keep out of trouble remailers and
> Data Havens should require that data be encrypted before it is accecpted.
> My question is how do I know it is encrypted?  If I say that anyone sending
> me data to be massaged by my system must first encrypt it, how do I know
> they are in fact complying with that request?  After all this is the area
> for the paranoid's to hang out in.

> (1) Look at the incomming data, which of course would be impractical and
> defeat the whole idea.

Actually, no. If the remailed material is encrypted, then looking at
it is harmless. (And if it is not....) The "ideal mix" neither looks
at nor keeps records about remailed items, of course. The "nonideal
mix" may easily insist on encryption.

I won't go through the rest of the points here, but there's a key word
here: entropy. Get familiar with it now (and not just 50 years from
now, when the worms and the bacteria will be giving lectures).

Abstractly, it is not possible to ever prove that a file is either
encrypted or unencrypted. Practically, encrypted files have high
entropy per character (characters appear with approximately equal
frequency), while unencrypted files have relatively low entropy,
reflecting the patterns and n-tuple clusterings in ordinary languages.

Sophisticated entropy measures are available, and have been discussed
here. But there's an easier approach: try to compress the file.

An encrypted ( = high entropy) file will generally not compress, and
may even expand in size. An ordinary message in English or Dutch or
whatever, such as this one, will compress significantly, to perhaps
half it's uncompressed size. (Quibblers, this is the place where your
announce the precise compression seen...)

--Tim May


-- 
..........................................................................
Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
                       | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
Cypherpunks list: majordomo@toad.com with body message of only: 
subscribe cypherpunks. FAQ available at ftp.netcom.com in pub/tc/tcmay






Thread