[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

*To*: [email protected]*Subject*: more steganography talk*From*: [email protected] (Eric Hughes)*Date*: Fri, 4 Mar 94 12:51:03 -0800*In-Reply-To*: Jim Miller's message of Fri, 4 Mar 94 14:00:57 -0600 <[email protected]>*Sender*: [email protected]

>The idea: Encrypt a widely known value with the recipient's >public-key and use the result as an initialization vector for a >clever transformation/steganography algorithm. How many public keys are there can there be? Assume one hundred each for 10 billion persons. That's 2^40 keys, or an effective key length of 40 bits. Since there are not more than 2^16 public keys right now (a generous estimate) we can assume that this technique is insecure for public keys. Of course, if the public key is not actually public, but only in the possession of the sender, that's another matter, but just try keeping a public key under close distribution sometime. Both PGP and PEM fail to support protocols to restrict the distribution of 'public' keys. Public should mean that the key is held by someone other than the holder of the private key, not that the key is necessarily available to everyone. Eric

**References**:**more steganography talk***From:*[email protected] (Jim Miller)

- Prev by Date:
**more steganography talk** - Next by Date:
**Re: Increasing the encrypted/unencrypted ratio (was Re: Insecurity of public key crypto #1 (reply to Mandl))** - Prev by thread:
**more steganography talk** - Next by thread:
**Re: more steganography talk** - Index(es):