[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

*To*: [email protected]*Subject*: Re: more steganography talk*From*: [email protected] ([email protected] +1-510-484-6204)*Date*: Sat, 5 Mar 94 00:00:17 EST*Sender*: [email protected]

Eric Hugher, replying to somebody, writes: > > The idea: Encrypt a widely known value with the recipient's > > public-key and use the result as an initialization vector for a > > clever transformation/steganography algorithm. > > How many public keys are there can there be? > Assume one hundred each for 10 billion persons. That's 2^40 keys, or > an effective key length of 40 bits. Since there are not more than > 2^16 public keys right now (a generous estimate) we can assume that > this technique is insecure for public keys. If you're going to go to the trouble of using a public key, including handling generation, distribution and validation of public keys, you might as well use a "clever transformation/steganography algorithm" that's good enough that a brute-force search of all the public keys won't reverse it. A good candidate for such an algorithm would be IDEA - and if this sounds like I'm reinventing PGP, it's intentional :-) Essentially, you're proposing wrapping PGP in PGP, or in weakened-PGP. Better to just use Stealth-PGP to eliminate the distinctive markers that make PGP easy to find, maybe run the code through tran for extra scrambling if you're not running pnmstega, and then steganize. And make sure that if you write PGP, The Next Generation, you make it stealthy so people who don't have the right keys just see noise. Bill

- Prev by Date:
**Re: reply-to feeds an anon pool, jpp=pr0duct=cypher** - Next by Date:
**Re: Standard for Stenography?** - Prev by thread:
**Re: more steganography talk** - Next by thread:
**Re: more steganography talk** - Index(es):