[6523] in cryptography@c2.net mail archive
Re: The problem with Steganography
daemon@ATHENA.MIT.EDU (Russell Nelson)
Thu Jan 27 11:23:08 2000
From: Russell Nelson <nelson@crynwr.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Date: Thu, 27 Jan 2000 11:17:46 -0500 (EST)
To: cryptography@c2.net
In-Reply-To: <v0421010bb4b535e80609@[24.218.56.92]>
Message-ID: <14480.27647.778824.777187@desk.crynwr.com>
Arnold G. Reinhold writes:
> Closely matching the statistical properties of a physical device
> could be difficult.
Unless you xor'ed them with a different, published sample from the
same device. white x color1 = color2. But again, which sample you're
using has to be a computationally difficult secret to discover. If
you can do color1 x color2 == white, by guessing color1, then you have
reduced the problem to one of discovering stego in the raw data. So
that may not be such a wonderful solution.
> A different approach would be encouraging large numbers of people
> with video Internet feeds to "pre-stego" their material.
Vulnerable to rubber-hose cryptanalysis. Publish random bits, go to
jail. It's detectable, it's enforceable. Only question is whether
the population at large thinks it's a freedom worth giving up for the
security they receive. Yes, it's a stupid law; desperate governments
have done morally worse things. Much worse. In the previous century,
somewhere between 80 million and 270 million times. Assuming a median
number of 150 million deaths, on average, 2.85 times per minute.
--
-russ nelson <sig@russnelson.com> http://russnelson.com
Crynwr sells support for free software | PGPok | "Ask not what your country
521 Pleasant Valley Rd. | +1 315 268 1925 voice | can force other people to
Potsdam, NY 13676-3213 | +1 315 268 9201 FAX | do for you..." -Perry M.
