Tech Insider					   Technology and Trends


			   USENET Archives

Path: sparky!uunet!charon.amdahl.com!pacbell.com!decwrl!sun-barr!
news2me.EBay.Sun.COM!exodus.Eng.Sun.COM!orfeo.Eng.Sun.COM!silber
From: sil...@orfeo.Eng.Sun.COM (Eric Silber)
Newsgroups: sci.crypt
Subject: A new encryption problem?
Date: 6 Nov 1992 02:38:10 GMT
Organization: Sun Microsystems, Mt. View, Ca.
Lines: 19
Message-ID: <lfjmkiINNa74@exodus.Eng.Sun.COM>
NNTP-Posting-Host: orfeo

 PROBLEM:
    create a secure encryption algorithm which has the following
    characteristics:

    Let 'p' be the plain text.
    Let 'E' be the encryption transformation.
	Let 'c' be the cipher text.

    Require: (for-all p)( (c=E(p)) is a text which appears to be
                                   a plaintext)

    That is, the ciphertext does not appear to be a cipher text.

    Also, there are no auxillary indices or auxillary data of any kind.

    (not being a cryptologist, i'm sure this is not a new problem,
     i just haven't heard of such a tool as the 'E' i'm speculating 
    about here)

Path: sparky!uunet!utcsri!newsflash.concordia.ca!sifon!
thunder.mcrcim.mcgill.edu!sobeco!rcorco!elevia!alain
From: al...@elevia.uniforum.qc.ca (W.A.Simon)
Newsgroups: sci.crypt
Subject: A new encryption problem?
Message-ID: <14088@elevia.uniforum.qc.ca>
Date: 10 Nov 92 04:20:53 GMT
References: <715.517.uupcb@grapevine.lrk.ar.us> 
<1992Nov01.233637.138278@watson.ibm.com> 
<1992Nov3.090942.1626@guvax.acc.georgetown.edu> 
<1992Nov4.202104.3851@chpc.org> 
<1992Nov4.125819.1637@guvax.acc.georgetown.edu> 
<1992Nov7.133526.1682@guvax.acc.georgetown.edu> <1
Lines: 71

In <lfjmki...@exodus.Eng.Sun.COM>
sil...@orfeo.Eng.Sun.COM (Eric Silber)
gives us a problem to solve:

> create a secure encryption algorithm which has the following
> characteristics:
> Let 'p' be the plain text.
> Let 'E' be the encryption transformation.
>    Let 'c' be the cipher text.
> Require that for-all p
> (c=E(p)) is a text which appears to be a plaintext)

This has been answered, in a way,
by Peter Wayner (way...@cs.cornell.edu).
Ask him about Mimic.  It is a dry read, but intellectually well
worth the effort (Peter, this one will cost you).

There may be others, but I am not aware of them.
However, there are easier ways, if one doesn't mind wasting
bandwidth, and if one accepts to step out of the constraints you
have placed on the resolution of the problem.  What you ask for
is hard to do; but if your intent is practical rather than
academic, then you will have to count the ways to skin a cat.

So far, steganography's best ally is digitized material.  There
is room for dithering and noising.  As demonstrated by other
writers in this forum, borrowing a less significant bit within a
digitized product, although slightly less than efficient, is a
very secure way to hide information.  This can be done without
giving yourself away.

The danger here is that once we know this, so do "they".  So we
have to encrypt this borrowed one-bit wide channel in some
manner.  We are back to square one.

On the other hand, if the "borrowed" bits are taken at random
(the random source being the key to a spectrum spreading
algorithm) among the bits of the digitizing word size, our
message is not only safely encrypted, but there is no way to a)
say where it is, b) say what it contains, c) know for sure that
it is indeed there.

On the down side, we will get the equivalent of white noise in
the digitized piece.  If your hiding place is a digitized
picture, it will look like a case small-pox and if it is music
you'll think we are back in the age of cheap vinyl.  This is
enough to weaken points a) and c), above.  So why not bias the
random key so it tends to favor low order bits?  The picture will
just gain a bit of romantic haze, and the music will pick up a
touch of tape hiss, elegantly disposed off with a Dolby NR machine...

If you are interested, I suggest you consider [trumpet triumphal]
The Braid [drum roll] yes, my own baby! Look it up for details on
how it is done (just add low bias).  

The Braid (donated to PD (yet another drum roll)) will distribute
hidden information in such a way that even a known plaintext
attack will fail, first because any plaintext at all can be found
in the final product if one looks hard enough, second because it
is not possible to prove that a message is indeed hidden there,
third because even if you know that it is there you can't find it
without the key.  And the Braid, if you so wish, borrows another
bit to manage key distribution.

Can you imagine the outlawing of digitized material?



--
 Alain
 [ ... usual disclaimer... ]

Path: sparky!uunet!charon.amdahl.com!pacbell.com!ames!sun-barr!cs.utexas.edu!
zaphod.mps.ohio-state.edu!moe.ksu.ksu.edu!engr.uark.edu!mbox.ualr.edu!
grapevine!jim.wenzel
Newsgroups: sci.crypt
Subject: Re: A new encryption problem?
Message-ID: <1060.517.uupcb@grapevine.lrk.ar.us>
From: jim.w...@grapevine.lrk.ar.us (Jim Wenzel) 
Date: 11 Nov 92 11:01:00 GMT
Reply-To: jim.w...@grapevine.lrk.ar.us (Jim Wenzel) 
Distribution: world
Organization: The GrapeVine BBS *** N. Little Rock, AR *** (501) 753-8121
Lines: 32



    I  have been  reading this   newsgroup for  several weeks  with keen
    interest. And  for one am in  favor of the privacy  that it permits.
    However, recently (yesterday) I had  the opportunity to speak with a
    law enforcement official who had quite a different view.

    He was calling  from California in order to pick  up the pgp program
    from us. Seems that they are on the case of a molestor who encrypted
    his information using PGP. If they  can't crack it the molestor will
    more than  likely walk due to  lack of evidence. This  has caused me
    some  concern   because  we  have  agreed   (volunteered)  to  be  a
    distribution site  for PGP (logon as  PGP USER pw: PGP).  Yet, I for
    one would hate to think that there is anyway we could help such scum
    in receiveing PGP or similar encryption technology.

    At  this point  I am  curious as  to what  others think.  Both about
    distribution  and about  it's use   by the  underworld. I  have read
    'Dennings' report  and though I  disagree with it  on several points
    this particular  case does raise some  real-life issues pertinent to
    the discussion. If a  law was to be passed (and you  can bet that if
    cases like  this one in particular  continue one will be)  how would
    you like it to read?

*  Jim Wenzel,  SysOp,  The GrapeVine BBS,  (501) 753-8121  5.6 gigs  *
*  RIME, Use-Net, ForthNet, SmartNet, MetroLink, Intelec , RecoverNet *
*  ThrobNet and MediaNet message echos.  Large IBM, Amiga, Adult and  *
*  Programming file areas. PGP 2.0 public key available upon request  *

---
 * SM 1.06 A0059 * Gentlemen:  Start your debuggers...

			   USENET Archives


The materials and information included in this website may only be used
for purposes such as criticism, review, private study, scholarship, or 
research.


Electronic mail:			      WorldWideWeb:
   tech-insider@outlook.com		         http://tech-insider.org/