ietf-openpgp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Speculative Mode for KeyIDs of all zeroes

1997-12-04 03:40:17
from [William H. Geiger III] [Permanent Link] 
-----BEGIN PGP SIGNED MESSAGE-----

In 
<3(_dot_)0(_dot_)3(_dot_)32(_dot_)19971204021239(_dot_)006ea164(_at_)schloss(_dot_)li>,
 on 12/04/97 
   at 03:12 AM, Black Unicorn <unicorn(_at_)schloss(_dot_)li> said:


At 11:20 PM 12/3/97 -0800, you wrote:



If
you are worried about being tortured, the best defense is for Big Brother
to be unable to verify the existence of a PGP message at all.  Some stego
programs already kludge this by removing various message headers, but I
don't have references to the techniques handy.  I would like to see some
kind of "stealth message" format defined, where the first N bits of the
message (N corresponding to the length of the asymmetric key you are using
to speculatively decrypt) contain the session key, signature keyid, message
length, symmetric algorithm ID, hash algorithm ID, random padding, and
other such details so that if you stego a .WAV file, the only way to tell
is to collect the first 2048 sample LSBits and try decrypting them with
your private key(s) to see if a message header shows up.  Otherwise, all
you see is random-looking data that may or may not be a PGP message.



Even more substantial kudos.


I believe that there is a program PGP Stealth that works well for striping
this information from PGP messages before Stego is applied.

We had a rather lengthy discussion on Stego techniques on #pgp the other
day. I have primarily playing with the bit hiding and haven't looked too
much at the PGP header striping. I imagine that if a PGP implementation
could not handle a "striped" PGP message that the Stego preprocessor could
"fix" the encrypted message before passing it to PGP.

- -- 
- ---------------------------------------------------------------
William H. Geiger III  http://users.invweb.net/~whgiii
Geiger Consulting    Cooking With Warp 4.0

Author of E-Secure - PGP Front End for MR/2 Ice
PGP & MR/2 the only way for secure e-mail.
OS/2 PGP 2.6.3a at: http://users.invweb.net/~whgiii/pgpmr2.html                 
       
- ---------------------------------------------------------------

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a-sha1
Charset: cp850
Comment: Registered_User_E-Secure_v1.1b1_ES000000

iQCVAwUBNIaIkI9Co1n+aLhhAQKregQAhSdq511Ww4rBjQsBH8B4kD1bNyk8rSyY
bEIHWD6UeoiRUnZSZBX3Nx2uZ7L1IsG8REDyKAmAHMCL0k20frtn2OWMjfF/VY/Q
Drp6VORG4fHozjEj9BaaemET+B7Y+qf2nEi7ZJls0pqT4FFA5ZIKH/cMhzhNorm3
6CCTimeuwWU=
=ecAY
-----END PGP SIGNATURE-----
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Fingerprints once again..., Thomas Roessler
Next by Date:  Re: Comments on draft - Long., Peter Gutmann
Previous by Thread:  Re: Speculative Mode for KeyIDs of all zeroes, Black Unicorn
Next by Thread:  Re: Speculative Mode for KeyIDs of all zeroes, stewarts
Indexes:  [Date] [Thread] [Top] [All Lists]