[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: xor data hiding?



J. Michael Diehl <[email protected]> writes:

> Many encryption tools such as ripem, pgp, and dolphin can recognize their own
> output...which indicates that there is a footprint to that particular
> implimentation.

in this case, you're just trying to garble what people see so why not 
just xor "hello, world." /bin/csh or \command.com on top of it to avhieve 
that result.  No need for anything significant, I mean, if you xor 'X' 
over the whole thing, you've achieved the same result - after all, if 
someone wants to xor 'X' to knock that level of encryption(if I may call 
simple substitution "encryption") then it's fair to assume that the 
person knows it's cyphertext and they want the information below it, so 
that's a good place to use some decent encryption.. "congratulations, you 
have found the secret message. send the answer to old pink care of the 
funny farm" (Pink Floyd, The Wall (backmasking)) is what readily comes to 
mind when i see what you're getting at.. after all, searching a disk for 
data that fits specific patterns is one thing, figuring out that one of 
the index files for a database program with literally hundreds of 
database files and indecies (I used to work on programming such a 
database, so I know they exist and that they are a perfect hiding place 
for just about everything) is actually an encrypted file isn't a walk in 
the park.  anyway, enough babbling - hope some of it makes sense. =)
the park


--
Mike Sherwood
internet: [email protected]     uucp: ...!sgiblab!egfabt!mike