1995-09-17 - Re: planning for life during the crypto night (was Re: CYPHERPUNK considered harmful.)

Header Data

From: Black Unicorn <unicorn@polaris.mindport.net>
To: aba@atlas.ex.ac.uk
Message Hash: 6af4f0cd35f66cb740141d86760c030a21ab8e48772d93d870210948abc61d90
Message ID: <Pine.SUN.3.91.950917192456.17849E-100000@polaris.mindport.net>
Reply To: <20045.9509171928@exe.dcs.exeter.ac.uk>
UTC Datetime: 1995-09-17 23:37:02 UTC
Raw Date: Sun, 17 Sep 95 16:37:02 PDT

Raw message

From: Black Unicorn <unicorn@polaris.mindport.net>
Date: Sun, 17 Sep 95 16:37:02 PDT
To: aba@atlas.ex.ac.uk
Subject: Re: planning for life during the crypto night (was Re: CYPHERPUNK considered harmful.)
In-Reply-To: <20045.9509171928@exe.dcs.exeter.ac.uk>
Message-ID: <Pine.SUN.3.91.950917192456.17849E-100000@polaris.mindport.net>
MIME-Version: 1.0
Content-Type: text/plain




---
"In fact, had Bancroft not existed,       potestas scientiae in usu est
Franklin might have had to invent him."    in nihilum nil posse reverti
00B9289C28DC0E55  E16D5378B81E1C96 - Finger for Current Key Information

On Sun, 17 Sep 1995 aba@atlas.ex.ac.uk wrote:

> 
> Black Unicorn <unicorn@polaris.mindport.net> writes:
> >
> > 3. Unescrowed crypto banned, with advanced stego, panic passwords, 
> > stealth PGP, incorporated remailers all across international borders 
> > making offenders impossible to identify or catch.
> > 
> > [...] I believe the goal is to propogate crypto far enough to at
> > least have a salient "underground" participants.
> > 
> > Some months ago I called for advanced stego and stealth PGP as well
> > as larger keys in the event we all had to go "into the crypto
> > closet" for a time.
> > 
> > I call for them again.
> 
> Guess you're saying that a future underground cypherpunk group is
> going to need tools to continue if the US plummets into cryptographic
> darkness.  And you'd like to see these tools available now, as it will
> be difficult to distribute, and set up if the big ban is already on
> us.  A pre-emptive safety precaution in the event that it happens.

Precisely.  Thank you.

> 
> So what threat model do you envisage tools being needed to withstand?
>

Traffic analysis, jurisdiction, detection of encrypted data in stego'd 
files.

I believe the basic problem will be one of avoiding detection and the 
ability to piggyback harmless looking files on "approved" encryption.

In the event your encrypted message were detected, it would be nice if it 
didn't announce its intended destination via a public key header.

I also believe that excessively large keys should be incorporated 
(2048/4096 bit RSA and 256 bit IDEA like encryption perhaps) to extend the
likely useful life of cyphers which will be difficult to distribute later.

I also would like to see applications which permit the user to select the 
from among a few types of encryption, in the event one is found to be broken.

> A couple of the things you list are realisable with little effort, one
> is a PGP with large keys, I am using a doctored to go to 16k keys

[description of availability]

> Adding stealth features to PGP, or even as standalone, aren't hard
> either.  I've been trying to add Hal's improved stealth algorithm to
> Henry Hastur's stealth program.  It's basically finished, except for
> the problem that I am unsure about the security of the construct:

Excellent!

> So that's big key PGP, and stealth PGP.  I'm presuming most people
> figure 128 bit IDEA is suitably unassailable,

I'm pretty confident in it, but I would like to see some others about.

> What are views about creating Yet Another version of PGP.  I've read a
> few discussions of this kind of thing in the past on alt.security.pgp,
> and most people were against it.  But I think some useful things could
> come out of it.


I think one of the big hold ups is the wait for PGP 3.0

> 
> The other problem is working with pgp2.x when there is a version 3.0
> being worked on, not sure what stage 3.0 is at, any coding.. perhaps
> if a stealth capable pgp2.x was worked on, and a few features
> demonstrated, the 3.0 folks would be willing to take a look at it to
> evaluate the features for possible version 3.0 inclusion.

Exactly.

> Good stego tools are the other main problem.

I concur.

> 
> My understanding is that all of the stego programs to date do it by
> just ripping out the LSB of an audio or graphic image, and replacing
> that with the bits from a message with a stealthed message.
>

As I understood the current implementation, stego is fairly easy to sniff 
out.  Am I mistaken in this?

> Sending masses of pictures around is kind of suspicious tho, I mean
> several a day, each freshly scanned from what?  I guess if video
> conferencing gets here, it would be fun to add the stego into that
> noisy stream, same for internet phone.

Perhaps, but hardly as suspicious as sending naked random data.  I think 
given hard to sniff stego, and the nationwide bandwidth, this is a non-issue.

> Text stego, with bits hidden in the entropy of english text seems a
> harder objective, but a useful one.

Indeed.

> I'm presuming that plausible deniability, and facilities for anonimity
> are essentials.  How does one go about doing that?  Using newsgroups
> to carry on a two level communication might be a good way of
> maintaining plausible deniability.  Either a stego interface to
> remailers in other countries, so that the stego gateway to remailers
> scans it's newspool, decrypts messages addressed to it, and forwards
> that off to the anon remailers.  The outcome could be a further text
> or graphics stegoed message for posting to a suitably high noise news
> group.  The recipient is also scanning his news spool for stego
> messages addressed to him.
> 
> Sounds feasible.  Perhaps a proof of concept would be easy to knock
> up, if a place holder is inserted for the 'good text stego' program
> should go.  There was a 'texto' posted a while ago which did something
> suitable.
> 
> Adam

I believe all these to be in everyone's best interest.





Thread