[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Standard for Stenography?

To: [email protected]
Subject: Re: Standard for Stenography?
From: [email protected] ([email protected] +1-510-484-6204)
Date: Thu, 3 Mar 94 20:34:03 EST
Sender: [email protected]

Sergey writes:
> I have often heard it said that one should always assume that one's 
> opponent knows everything except one's secret key.  To me, this makes no 
> sense!  If your opponent is good enough and determined enough to get by 
> all the layers of obscurity you may have put up, than its just one more 
> step to getting your secret key.

If your cryptography methods are good enough to withstand an
opponent who has full documentation of your algorithms and methods,
lots of funds, and everything except your keys, then you don't
need to waste your time with all the other stuff.  And if you can't
protect a couple of keys, it doesn't really matter how much other
security you have.

On the other hand, steganography is almost by definition an obscurity
technique, and while security-by-obscurity is a naive waste of time,
obscurity-by-obscurity is hard to argue against real clearly :-)
On the other hand, if your cyphertext looks like random bits anyway,
it doesn't take a lot to make them invisible.

The real need is to make your data look like Somebody Else's Problem....

			Bill

Follow-Ups:
- Re: Standard for Stenography?
  - From: Sergey Goldgaber <[email protected]>

Prev by Date: Re: Standard for Steganography
Next by Date: Re: Standard for Stenography?
Prev by thread: Re: Standard for Stenography?
Next by thread: Re: Standard for Stenography?
Index(es):
- Date
- Thread