1997-06-22 - Laying PipeNet

Header Data

From: Tim May <tcmay@got.net>
To: cypherpunks@Algebra.COM
Message Hash: 5e844e7a4df9e20318249895cf91564687250e30cba573b1f187761873b91ba8
Message ID: <v03102802afd305494670@[]>
Reply To: <v0310281cafd1ba6444d6@[]>
UTC Datetime: 1997-06-22 17:03:58 UTC
Raw Date: Mon, 23 Jun 1997 01:03:58 +0800

Raw message

From: Tim May <tcmay@got.net>
Date: Mon, 23 Jun 1997 01:03:58 +0800
To: cypherpunks@Algebra.COM
Subject: Laying PipeNet
In-Reply-To: <v0310281cafd1ba6444d6@[]>
Message-ID: <v03102802afd305494670@[]>
MIME-Version: 1.0
Content-Type: text/plain

At 3:02 AM -0700 6/22/97, Adam Back wrote:

>But for sending messages, we need a stego interface to remailers.  Now
>seems like a good time to produce this software.  It's time has come,
>much as Phil Zimmermann felt the pressure of the 1991 Senate
>anti-crime bill 266.
>Good stego encoding techniques are the difficult problem.  We could do
>something in-your-face like:

I agree. This should be a very high priority.

No coordination is needed...someone just needs to do it.

(The disputes about the DES challenge, and now the RC5 challenge, reinforce
in me the advantages of the "random search," which is worse than the
"coordinated search" by an insignificant (logarithmically) factor, as the
math clearly shows. And a random search has the advantage of incentivizing
more contribution of CPU cycles, and no worries that someone plans to sniff
the results and claim the prize himself. The parallels to code writing are
left as an exercise.)

>Text stego is hard to do.  At ultra low encoding rates (say a few bits
>per email), it would be ok.  (Just message parity, perhaps the entropy
>in the message-id, posting time).

Pointers can be useful. A small number of stego bits in a message of this
length could be used to tell a recipient where to look for a longer
message. Thus, this message could contain instructions to "Look at the
image "cindy-fake17.gif" in "alt.binaries.erotica.cindy-crawford" for
instructions about the Cabal meeting."

Why not simply send the GIF to Adam? This would be an unusual event,
sending such a GIF from me to him, and would be a huge spike in volume.

A pointer to an image posted to a "message pool" already containing vast
amounts of stuff, and his downloading of several (for cover) of these image
files, would not directly be implicating. (In Muslim countries, yes.)

So, low-bandwidth channels can easily carry text messages in stego form
pointing to higher-bandwith channels (meaning: files with lots of bits). An
attacker will be hard-pressed to make a correlation.

Also, the use of conventional porn or soft porn images for stego will be
less obvious than posting and retrieving images into
"alt.anonymous.messages." If the images are recyclings of older images, as
most images in these porn groups are, then there is the problem that images
may be diffed (compared) and the LSBs detected to be different. Fixes for
this either include deliberate (and stated) "enhancement" in Photoshop,
which is also fairly common, or scanning of some of those old Penthouse
mags laying around! :-)

>Images and audio files are much rosier targets, but who posts volumes
>of gifs, or uses audio files?  Not I, the bandwidth isn't up to it
>yet, and pay-per-second phone bills don't help either.

The alt.binaries.* groups are examples where truly massive number of images
are posted and retrieved every day. This is well known, of course. (And the
images do not take long to download...I have conducted my own "research"
into this. :-})

>For comfort, I'd like to be able to post, lets say 10k per day of
>messages, via remailers in non-GAKed countries.  Clearly I'm going to
>have to increase my rate of bit-production to stego encode this much
>data in my stegotext output.  How am I going to do it with good
>plausible deniability though?

By posting an occasional image to one of these groups.

If one posts such an image every day, for cover, whether or not it contains
LSB stego bits, this becomes a sort of "PipeNet." A curiously relevant
name, eh? (With apologies to Wei Dai, whose "PipeNet" had a different form.)

As the saying goes, porn is what drives all new media technologies...why
not for us, too?

--Tim May

There's something wrong when I'm a felon under an increasing number of laws.
Only one response to the key grabbers is warranted: "Death to Tyrants!"
Timothy C. May              | Crypto Anarchy: encryption, digital money,
tcmay@got.net  408-728-0152 | anonymous networks, digital pseudonyms, zero
W.A.S.T.E.: Corralitos, CA  | knowledge, reputations, information markets,
Higher Power: 2^1398269     | black markets, collapse of governments.
"National borders aren't even speed bumps on the information superhighway."