[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: subliminal messages
Here's my minor correction of Perry Metzger's minor correction:
>Karl Barrus says:
>> Eric Hughes just told me some extremely interesting information
>> concerning subliminal channels and the DSS. Apparently, the DSS is
>> very hospitable towards subliminal channels. (I won't summarize
>> further since Eric may have posted to the list).
>
>A very good posting, Karl, but I will note in the literature these are
>called "covert" channels, not "subliminal" channels. Otherwise, really
>top quality posting.
>
>Perry
Yvo Desmedt gave a very nice paper at the Crypto '88 conference, which I
attented, entitled "Abuses in Cryptography and How to Fight Them."
He begins:
"[Sim83b] introduced the notion of subliminal channel. His example is
related to two prisoners who are communicating authenticated messages in
full view of a warden who is able to read the messages. The subliminal
consists in hiding a message _through_ the authentication scheme such that
the warden _cannot detect its use nor read the hidden part_."
Later he writes:
"Abuses (in particular subliminal channels) are not covert channels in the
strict way, as will briefly be discussed in Section 2.2."
Covert channels usually refer to using "out of band" techniques, such as
signal crosstalk, time-jitter, amplitude modulation, etc., to pass
information (e.g., to leak bits out of a classified computer facility),
whereas subliminal channels rely on the crypto protocols. (I suppose the
Clipper could use either or both, or could be rigged that way.)
I've heard people use the term "covert channel" in a broader sense,
encompasssing the subliminal channel term coined by Simmons as well as the
tradional covert channel, but certainly the term "subliminal channel" is
not incorrect as used by Karl. ("Covert" may be more descriptive than
"subliminal," though such is life.)
I'll leave the rest of the discussion for interested readers. "Advances in
Cryptology--CRYPTO '88," ed. S. Goldwasser, Springer-Verlag, 1990.
By the way, Desmedt's paper argues persuasively that "abuse-free
cryptography" overcomes the objections to public key crypto that terrorists
and others bad folks will be able to pass subliminal messages. If the
weaknesses mentioned by Eric Hughes and Karl Barrus are confirmed, this
could be another point of attack against Clipper.
Like Perry, I enjoyed Karl's summary.
-Tim May
--
Timothy C. May | Crypto Anarchy: encryption, digital money,
[email protected] | anonymous networks, digital pseudonyms, zero
408-688-5409 | knowledge, reputations, information markets,
W.A.S.T.E.: Aptos, CA | black markets, collapse of governments.
Higher Power: 2^756839 | Public Key: by arrangement
Note: I put time and money into writing this posting. I hope you enjoy it.