[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: purloined letter



A couple of years ago somebody posted some clever programs to
sci.crypt that hid arbitrary (cipher)text in seemingly innocuous
"plaintext". You had two options: plaintext that looked like a running
commentary on a baseball game (with the ciphertext encoded in the
choices of names of players at bat, the sequence of balls and strikes,
etc) or plaintext that looked like the writings of a particular legal
scholar (I think). I don't remember his name, but he was chosen
because Senator Joseph Biden of Delaware plagairized his works during
law school, and Biden had recently introduced S.266 with the
now-infamous "resolution" against cryptography. A nice touch. :-)

Another approach to this problem is this: if you can't make the
needles inconspicuous by themselves, generate some big haystacks to
hide them in.  I.e., write a program that produces bogus PGP
"messages" and execute it frequently to produce background traffic. I
wrote a first-order bogus PGP message generator and posted it to
sci.crypt two weeks ago.  I say "first order" because it looks like a
PGP message to the naked eye, but is clearly invalid when fed to PGP -
I didn't bother generating correct checksums on the ciphertext.  The
ideal bogus message generator would produce a message
indistinguishable from a real PGP message encrypted with an unknown
public key, or perhaps with a known public key chosen at random. 
Anybody want to write this?

Phil