[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: One-Time Pads as Attack Method
Your response is most interesting! It almost implies you can't publish
for(i=0;i < filesize(B); i++) C[i] = A[i] ^ file_contents[i];
I wonder why the difficulty in simply (I thought of actually going ahead
and doing this):
Take a posting (B.) to cpunks by Tim May. THese get disseminated quite
widely and he's well-known; his thoughts and style should make deniability
of the message difficult.
Calculate C = B ^ A such that A = kiddie porn of your choice.
Post the UUENCODE of C. to cypherpunks, send the binary to Tim, etc.
Call your favorite Agency to investigate.
Your variant in which the file B. is known, as in KRNL386.EXE is also viable,
if not more so!
Is posting a TRANSFORM such as a 'OTP' that converts copyrighted material A
into copyrighted material B a violation of anything, I wonder... You could
convert everybody's Internet Explorer into a ZIP file containing a setup
and executable for Netscape 3.0!!
At 10:33 AM 5/10/97 -0400, Peter D. Junger wrote:
>[email protected] writes:
>
>:
>: 1. Agents of the Enemy wish to create the appearance of you possessing
>: document A.
>: 2. They obtain some artifact you have emailed, or posted, or possess on
>: your private local storage. ---
>: Possibly even signed. Call this message B.
>: 3. They create the XOR of A and B, the result being a 'one time pad' C.
>: which of course, gives:
>: private message B XOR C = target bogus message A. This result is of course
>: not a one time pad;
>: the plan is to accuse you of possessing materials that prove you are
>: trading with the enemy,
>: exchanging kiddie-porn, any of the usual things.
>: 4. This 'one time pad' file C. somehow finds its way into your possession:
>: it is an email attachment,
>: embedded in some binary --- it could even be stego'ed into a GIF/JPG.
>: 5. The agents break down the door and seize all your effects.
>: 6. They are able to prove that you possess B and C, the XOR of which is A.,
>: a fact that is impossible
>: to have happened at random.
>: 7. The jury doesn't know shit, and figures that if the chances of B ^ C = A
>: by accident are 0,
>: then you must be guilty.
>
>It was in part for the purpose of demonstrating this possibility that I
>wrote the OPT program that I later realized that I could not publish in
>any form under the ITAR and cannot publish in electronic form under the
>new Commerce Department export regulations (unless I apply for a license
>(that I probably cannot get) from the government, a requirement that
>violates the First Amendment to the United States constitution). And it
>was the restraints on publishing that and other crypto programs that led
>me to file suit to enjoin the enforcement of the export restrictions on
>cryptography.
>
>The problem that someone might plant a message and a one-time-pad on
>your machine makes for a good spy story; I would be more worried about
>someone claiming that I had illegal software on my machine, since they
>can always come up with a one-time-pad that will decode some file that
>I do have on my machine (if they have access to it) and have the
>``decoded'' text be a copyrighted program for which I do not have a
>license.
>
>Do you think that Microsoft has a one-time-pad that will convert
>Netscape 3.1 into Word for Windows?
>
>
>--
>Peter D. Junger--Case Western Reserve University Law School--Cleveland, OH
> EMAIL: [email protected] URL: http://samsara.law.cwru.edu
> NOTE: [email protected] no longer exists
>
>
>