Re: steganography

From: Louis Newstrom (lnewstro@bellsouth.net)
Date: Thu Sep 20 2001 - 16:29:12 MDT


----- Original Message -----
From: "Ken Clements" <Ken@Innovation-On-Demand.com>
> However, one
> time codes have been considered too inconvenient to be practical
<SNIP>
> It is now possible for someone to carry around a chip with
> enough pre-recorded random bits in it to last longer than anyone can type.
> It is now possible for such a chip to be inserted under the skin (see the
RF
> ID stuff) and be accessed by a palm device

I wish the bad guys WOULD do something this simple. We would easily be able
to recover the chips from dead bodies and have a copy of the master code.
(This is the classic probelm with "infinite random" codes. If the recipient
has a code-book, that code book can be stolen.)

> Steganography has value on more than one level. Traditionally, it was
> valuable (when it worked) to send messages without anyone knowing that you
> were sending messages.

Very rarely. If the NSA are watching a known terrorist, and he transmits a
picture of a puppy-dog, do you really think they won't know there is a
message?

> If I publish a page of random numbers, I may also be sending a
> message, but you cannot prove that I am unless you can break it.
> If you haul me into court and demand I supply you with a key, I can
claim that
> they are just numbers, and that there is no key

I doubt it. If you published a random page of numbers, everyone will ASSUME
it is a message. It's just too bizarre to believe that someone published a
random page of numbers.

> Harvey has indicated that steganography alone is not useful,

I think you added the "alone" part. Harvey was saying that steganography
does not add anything to encryption. You might as well send encrypted text.
He was saying that embedding it in a picture buys you nothing.

> This combination can make it undetectable. I can put a digital recording
of a poem reading
> on my web that sounds perfectly normal, and stands up to any statistical
> analysis.

You are just repeating yourself. Multiple people have objected that you
CAN'T make it undetectable. Yet you keep repeating that you can.
Steganography may hide a message, but if someone suspects that it does
contain a message, it will be OBVIOUS upon statistical analysis.

---
Louis Newstrom
lnewstro@bellsouth.net
http://personal.lig.bellsouth.net/~newstrom



This archive was generated by hypermail 2b30 : Fri Oct 12 2001 - 14:40:53 MDT