From: Sergey Goldgaber <sergey@pelican.el.net>
Date: Sun, 22 Mar 1998 09:18:29 -0800 (PST)
To: John Young <jya@pipeline.com>
Subject: Re: Rivest's Chaffing and Winnowing
In-Reply-To: <199803221456.JAA07529@camel8.mindspring.com>
Message-ID: <Pine.NEB.3.95.980322114446.22257A-100000@pelican.el.net>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

On Sun, 22 Mar 1998, John Young wrote:

>    The New York Times, March 22, 1998, p. 31.
>
>    New Method To Veil Data Could Upstage Export Policy
>
>       Cryptologists find a way to foil eavesdroppers without
>       secret codes.

As if steganography was new.

>    The new approach, which is described in a short technical
>    paper that has been posted to Mr. Rivest's M.I.T. Web site
>    (http://theory.lcs.mit.edu/~rivest/chaffing.txt), is
>    described as "chaffing and winnowing" digital information
>    instead of encrypting it.

Using steganoraphic techniques on low-level elements of
network communication (packets) was considered many years ago
in this very forum.  A particular suggestion seemed much more
effective than Rivest's proposal.  It aim was to hide
information among seemingly innocuous communication.  Whereas,
it is obvious to any observer of a "chaffing" exchange that
an abnormal exchange was taking place.

Of course, if all communication was "chaffed" then that same
exchange would seem perfectly ordinary.  However, the chaffing
technique (creating "bogus" packets, transmitting them along
with the real information, and seperating the two) creates
a lot of overhead... which may not use much bandwidth if
used occasionally, but would create a serious problem if
everyone did it all the time.

>    According to Mr. Rivest's paper, it is possible to hide a
>    message by breaking it into packets that are then secretly
>    identified as good information, or "wheat," and gibberish,
>    or "chaff," in such a way that an eavesdropper cannot
>    distinguish the two.

The earlier suggestion was to hide information in unused, least
significant, portions of the packet _header_, leaving the data
portion intact.  Thus, the overhead of creating "bogus" packets
is eliminated, the bandwidth used in sending them is conserved,
and the processing power used in seperating the "wheat" from the
"chaff" is freed.

Further, by all accounts, the data transmitted would seem
perfectly ordinary to an eavesdropper.  It could be a poem or
a picture.  However, it would be completely irrelevant, as
the real message is hidden in the header.

Finally, there are the more traditional steganographic techniques
such as using the least significant bits of gifs, jpegs, and wavs.
And, most intriguing of all, mimic functions.


 ............................................................................
 . Sergey Goldgaber <sergey@el.net>                 Senior System Engineer  .
 ............................................................................
 .   To him who does not know the world is on fire, I have nothing to say   .
 .                                                      - Bertholt Brecht   .
 ............................................................................

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBNRVG+Mgbnd/MibbZAQEaRwP9Fy825U05t9xyHa0vN5wFFCNBR0NHrik0
cFBG357a1+MRA90uxvUztB736uf71a39HP0172sjyAg3TXVG9MEpCxFDDa6OZAWQ
9Xgq9TSaUTJUXJVsockFTHF6F9zDLIAvw2s365J4dr3++Uj/JreaaX7pcLVmCujO
DkuInR89aG8=
=B9nV
-----END PGP SIGNATURE-----