1996-03-02 - Re: Chaff in the Channel (Stealth PGP work)

Header Data

From: Nelson Minar <nelson@santafe.edu>
To: cypherpunks@toad.com
Message Hash: 7bd79867f9e382766a03e0f170f8e3de533502b96f4dd22a4d3ffc52b13f9ee5
Message ID: <199603010418.VAA02087@nelson.santafe.edu>
Reply To: <ad5b906f080210042e09@[]>
UTC Datetime: 1996-03-02 06:25:01 UTC
Raw Date: Sat, 2 Mar 1996 14:25:01 +0800

Raw message

From: Nelson Minar <nelson@santafe.edu>
Date: Sat, 2 Mar 1996 14:25:01 +0800
To: cypherpunks@toad.com
Subject: Re: Chaff in the Channel (Stealth PGP work)
In-Reply-To: <ad5b906f080210042e09@[]>
Message-ID: <199603010418.VAA02087@nelson.santafe.edu>
MIME-Version: 1.0
Content-Type: text/plain

Is anyone here on the Steganography mailing list? Last I checked it
looked pretty dead, which is a shame. Stego seems to be a really
important topic, and a difficult one at that. The good news is there's
all sorts of entropy in the data we send back and forth, the bad news
is it's hard to actually exploit it.

tcmay@got.net (Timothy C. May) writes:
>This is my take on fixing the stego situation. Instead of worrying about a
>"stealth PGP version," which is likely to be only a slight speed bump
>(because of the statistics), think about flooding the detection channels.

The stealth PGP is, of course, a necessary element: you have to remove
can slip it in somewhere.

As noble as "flood the detection channels" sounds, has it really ever
succeeded? Do people who don't care about privacy day to day ever go
through extra trouble to make other people's privacy easier? I can
think of two public efforts to increase noise that have failed:
putting Spook keywords in all Usenet posts, and using PGP email for
normal day to day traffic. The failure of the second channel-flooding
is especially notable: even people doing serious crypto hacking, with
well established public keys, don't seem to PGP encrypt normal day to
day traffic. It's just not convenient enough.

I think asking people to increase entropy in their day to day
communication is doomed to fail, it's just too much trouble. Better to
exploit the entropy we already have, and maybe encourage designers of
new systems to build in some extra entropy sources when they get the chance. 

I've got some specific ideas, but am a bit nervous about talking about
them because of intellectual property issues. Also, I'm not convinced
that unlike cryptography, some extra security can be maintained in a
steganographic system by not disclosing the way it works. I haven't
resolved these concerns, but would be happy to engage in some
metadiscussion about them.