[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

more steganography talk

To: [email protected]
Subject: more steganography talk
From: [email protected] (Eric Hughes)
Date: Fri, 4 Mar 94 12:51:03 -0800
In-Reply-To: Jim Miller's message of Fri, 4 Mar 94 14:00:57 -0600 <[email protected]>
Sender: [email protected]

>The idea:  Encrypt a widely known value with the recipient's  
>public-key and use the result as an initialization vector for a  
>clever transformation/steganography algorithm.  

How many public keys are there can there be?

Assume one hundred each for 10 billion persons.  That's 2^40 keys, or
an effective key length of 40 bits.  Since there are not more than
2^16 public keys right now (a generous estimate) we can assume that
this technique is insecure for public keys.

Of course, if the public key is not actually public, but only in the
possession of the sender, that's another matter, but just try keeping
a public key under close distribution sometime.  Both PGP and PEM fail
to support protocols to restrict the distribution of 'public' keys.

Public should mean that the key is held by someone other than the
holder of the private key, not that the key is necessarily available
to everyone.

Eric

References:
- more steganography talk
  - From: [email protected] (Jim Miller)

Prev by Date: more steganography talk
Next by Date: Re: Increasing the encrypted/unencrypted ratio (was Re: Insecurity of public key crypto #1 (reply to Mandl))
Prev by thread: more steganography talk
Next by thread: Re: more steganography talk
Index(es):
- Date
- Thread