[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: How do I know if its encrypted?
On Wed, 11 Jan 1995, Dale Harrison wrote:
> >
> >A practical system would cut out a notch at 6/8 for ASCII armor, which
> >would make approximation techniques a bit tricky. More practical is
> >just to detect ASCII armor with a regular expression recognizer and
> >de-armor it before the entropy check.
> >
> >Eric
> >
> >
> Won't work! You can always embed an encrypted message in what 'looks'
> like plaintext. A trivial example: Encrypt a message with a caesar
> cypher, then build a story where the first char of each word maps to
> each subsequent char from the encrypted text. At the cost of expanding
> the size of the message by a factor of 5 to 10 you've hidden the
> encrypted message in what looks like a letter to your mother (or a news
> story in the NY Times, etc.) This is old technique.
>
> Dale H.
But Dale, hat doesn't matter much. the user is then going otu of his way
tpo get rejected. The data haven would be knwon to it's users to require
encrypted text, and a user who did the scheme you outline above would
only be succeding in getting himself rejected. I mean it's nothe
operators fault he decided to be snazzy and put iit in plaintext when it
was known to be required to be encrypted, as in knowingly encrypted.