1995-07-24 - crypto-stegonography?

Header Data

From: merriman@arn.net (David K. Merriman)
To: cypherpunks@toad.com
Message Hash: dd901dba2dc6d879d0b92cbdce268c17fbc080996f87eeb4bd85e628d8f5c063
Message ID: <199507241239.HAA16213@arnet.arn.net>
Reply To: N/A
UTC Datetime: 1995-07-24 12:48:06 UTC
Raw Date: Mon, 24 Jul 95 05:48:06 PDT

Raw message

From: merriman@arn.net (David K. Merriman)
Date: Mon, 24 Jul 95 05:48:06 PDT
To: cypherpunks@toad.com
Subject: crypto-stegonography?
Message-ID: <199507241239.HAA16213@arnet.arn.net>
MIME-Version: 1.0
Content-Type: text/plain


I got to thinking about crypto and stego, and wondered if it wouldn't
conceivably be a useful technique to marry crypto and stego in the following
manner (probably thought of before :-):

1> encrypt a message in the Usual Manner.
2> by prior arrangement with the other party (or parties, more on that in a
moment), select a random character that has a bit position value equal to a
bit in the encrypted message. That is, if the first bit of your encrypted
message was a '0', randomly select a character that had a '0' in a specific
bit position (say, bit 3). repeat for remainder of message.
3> transmit said message, mimicing any one of a number of formats.

I think such a scheme would have a number of benefits, in that it could
_conceivably_ support up to 8 recipients (8 different messages encrypted
independently), though 6 would probably be a practical limit. The message
could easily be formatted to resemble a uuencoded image or almost anything
else (with minimal prior arrangement). It maintains real encryption while
providing a considerable 'distractor' effect on an opponent (ie, the old
magician's trick of "watch this hand while I do the real stuff with the
other one" :-). With the same message sent to multiple recipients, the
_apparent_ harmlessness of the message would seem to increase, as well.

For a single recipient, the bandwidth requirements really sucks rocks, but
for multiple recipients, the efficiency goes *way* up.

As observed, this has probably been thought of before, but I'd be interested
in hearing any comments....

Dave Merriman
This is a test (3 UUE lines) of the unconstitutional ITAR - 1/713th
of the PGP executable. See below for getting YOUR chunk! 
------------------ PGP.ZIP Part [015/713] -------------------
M=$<(&L`#*IPP",(G6(,,S,`P](<2RWU96XCW86/JBYV8A\D8@X'HB_9H#&\X
MX'PCUB.,13B"X8`R?^J-:UB.M_`U\>[#)BS&5$0C,Y#^1CS>1`\T1QTXX6!3
M8H,),S$8G>&.WP(8IRA`-M['+`Q%&_C"">5-F%LX@<_Q$;*P'',Q$Z/AA[8M
-------------------------------------------------------------
for next chunk to export --> http://dcs.ex.ac.uk/~aba/export/







Thread