1995-10-11 - Re: Graphic encryption

Header Data

From: futplex@pseudonym.com (Futplex)
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Message Hash: 264d77129cd5f409842ee01361dc8260cceca97f27d28c99f2d5545cf55f8872
Message ID: <199510110226.WAA12742@thor.cs.umass.edu>
Reply To: <199510110207.WAA07713@ask.cs.cornell.edu>
UTC Datetime: 1995-10-11 02:27:00 UTC
Raw Date: Tue, 10 Oct 95 19:27:00 PDT

Raw message

From: futplex@pseudonym.com (Futplex)
Date: Tue, 10 Oct 95 19:27:00 PDT
To: cypherpunks@toad.com (Cypherpunks Mailing List)
Subject: Re: Graphic encryption
In-Reply-To: <199510110207.WAA07713@ask.cs.cornell.edu>
Message-ID: <199510110226.WAA12742@thor.cs.umass.edu>
MIME-Version: 1.0
Content-Type: text/plain


Allow me to add some more partially informed speculation about unreleased
source code to the pile:

Bill Stewart writes:
> The description of Privasoft's method on their web page sounded like* it
> broke up a fax image into little squares and shuffled them around based on
> some proprietary (hence presumably weak) algorithm, somewhat like feeding
> them to a shredder or puzzle-box, then put them in a file you can ship
> with regular fax software or decrypt yourself.  If that's the case,
> and if the squares are sufficiently big to have enough pixels for fax
> software to compress decently, then it's weak no matter _how_ strong
> the encryption algorithm that shuffles them is, because you can piece together
> matching edges like a jigsaw puzzle, or like a bunch of Iranian students
> with American Embassy shredded documents.  

:}

[...]
> * The software was on the web page; if I'd had spare disk space that day and
> some slack time I could have downloaded the demo version and tried it,
> but this is what the description sounded like it meant.

The graphic encryption patents I found a couple of weeks ago (cited here then) 
describe a method that I don't believe would be susceptible to a "jigsaw"
attack like this. The patented method specifies encrypting the image bitmap
bit-by-bit (it suggests XORing with a (P)RNG stream). So the square
granularity would fail your second criterion for the applicability of a jigsaw
attack. 

However, I only have circumstantial evidence to suggest that the PrivaSoft 
software actually uses the patents I've seen.

Perhaps PrivaSoft Inc. could comment on which patent(s) (if they have already 
issued) form the basis for the use of encryption in their product ?

One last note: I would certainly have a hard time applying a jigsaw attack to
the sample ciphertext image at http://www.privasoft.com/images.html (and
enlarged at http://www.privasoft.com/scramima.html). Maybe it would be easier
if the plaintext image consisted of a picture with more macroscopic structure.

-Futplex <futplex@pseudonym.com>




Thread