From: Bill Stewart <stewarts@ix.netcom.com>
To: cypherpunks@toad.com
Message Hash: abf3c4b5dec797019991be53a13820c65a15e12c51fe9e5521356369c97026b5
Message ID: <199602280910.BAA29788@ix10.ix.netcom.com>
Reply To: N/A
UTC Datetime: 1996-02-28 14:33:27 UTC
Raw Date: Wed, 28 Feb 1996 22:33:27 +0800
From: Bill Stewart <stewarts@ix.netcom.com>
Date: Wed, 28 Feb 1996 22:33:27 +0800
To: cypherpunks@toad.com
Subject: Re: Simpler solutions (was Re: Stealth PGP work)
Message-ID: <199602280910.BAA29788@ix10.ix.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain
At 12:45 AM 2/28/96 +0000, "Deranged Mutant" <WlkngOwl@UNiX.asb.com> wrote:
>Adam Back <aba@dcs.ex.ac.uk> wrote:
>
>[lots of stuff about stealth PGP snipped]
>
>This seems to be quite a lot of effort that complicates things. It
>would be simpler for two stealth communicators to use other means of
>hiding the fact that a message is PGP'd... (1) stego, in various
>forms, if done properly would make most attackers not suspect a PGP
>message is inside something,
One point of stealth-pgp is to make an encrypted message you _can_
safely hide with stego. Since the Bad Guys can take your stegofied picture,
destego it, and see the string ------ BEGIN PGP CONTRABAND DATA,
you can't get away with saying "no, that's just a picture of my cat,
blurred a bit because he was moving", which you can if you use a true
stealth version of PGP or other crypto program.
Another major point is to make PGP messages that you can post in public,
which the recipient can decode, but which _don't_ say
"From 007 To 86 and 99" in the headers. That's easier, but still a bit of work.
>(2) use another encryption program, with
>a known key shared by two users, that turns the PGP message into pure
>unmarked 'randomness',
>[.... (3) a pad-based variant ...]
You're down to key exchange; the big reason for public-key systems is to
avoid it.
#--
# Thanks; Bill
# Bill Stewart, stewarts@ix.netcom.com / billstewart@attmail.com +1-415-442-2215
# http://www.idiom.com/~wcs Pager +1-408-787-1281
Return to February 1996
Return to “Bruce Zambini <jlasser@rwd.goucher.edu>”