Re: http://www.echelon.wiretapped.net signatures

From: Eugene Leitl (eugene.leitl@lrz.uni-muenchen.de)
Date: Sun Oct 08 2000 - 16:35:11 MDT


Michael M. Butler writes:
> You just reminded me to set up my own Hotbits server. Project time!
> Anyone know of a nice place to buy an energetic beta source besides
> NIST? >=100kBq preferred.
 
That would seem an overkill. Why don't you just digitize output of
white noise generator (say, amplified thermal noise of a transistor
junction) and feed it through a cryptohash? Actually, just the LSB of
/dev/audio or /dev/video (I have a 25 fps 640x480 24 bit/pixel
framegrabber with a 3Com BigPicture attached, that's a high data rate
source) should give you lots of entropy.

Ferinstance:

eugene.leitl@lrz:~ > cat /dev/dsp | mimencode
y9Dq48+9u7aorsnOrLe5yLefsKivlamzho2jpp2srLeil8Konod1nZGYjoSKi3ZkY3V3fIR9
hXd3hYmMq5KjlH+DkH51gVxWcnBsiJGZnrq42NOxv7+wrLq3qbaqiYukzNW1oIJwi7XGxMCu
qZmjmo5/kI1wjIqIgHuOimVlWWR5dYydk3+RsJ6opLfezr+2e3qIfYKTkpWSfneOjZjBy7Wt
[aborted]

(You might want to jack up mic input amplification). See, it's rather
noisy, already, even without any mic attached.

cat /dev/dsp >blah
[aborted]
cat blah | md5sum
9e3ea9f1d137aef4a089e2fc740731f8 -

Just read in a few 100 bytes from /dev/dsp, pass them through MD5, or
another cryptohash (diversify, you could as well use a stream cipher,
periodically flipping keys, made from a cryptohashed true entropy
source), and either stream that through a socket to a remote
(preferably overseas) friend of yours, or crontab this to be catted
into a mail body, send to some fake users or real users who filter it
out to /dev/null with procmail (you'll also need accomplices for that
-- be your own accomplice with an ssh session). In case they ever
catch it (if I was in their place, I'd use entropy detectors, and
stuff which can tell crypto from compression apart, ranking people by
the rate of noise produced), much headscratching at cryptoanalyst's
end will ensue.

> > And yeah, if you really want to piss off certain people, set up noisy
> > video webcasts, and encrypted mailing lists (e.g. mmreencrypt patch
> > for MailMan) which just send back and forth /dev/(u)random output
> > (just set up a pair of scripts which stream that via a socket). These
> > people don't like high-entropy bitstreams, given their professional
> > paranoia.
>
> There also ought to be a way to, for example, run fake stego on all a
> server/proxy's cached images so they all show suspicious lsb noise that
> varies from day to day.

But you'll need a consumer of the video stream, or else the packets
will never fly.

> Then there's Gilmore's FreeS/WAN project:
> http://www.xs4all.nl/~freeswan/. If I get ADSL or something, I'll
> probably run one of these.

Ditto here, but try getting SDSL, the asymmetrical stuff is too easily
clogged if you're a producer.



This archive was generated by hypermail 2b30 : Mon May 28 2001 - 09:50:15 MDT
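
Added example, not part of the original message: the "read a few hundred bytes from /dev/dsp and hash them" step, with a check that the capture actually carries entropy before it is hashed. It substitutes SHA-256 for the MD5 named in the post; the function names, the 2x margin and the sample buffers are assumptions constructed for this illustration.

```python
import hashlib
import math
import random
from collections import Counter

def lsb_bits(samples: bytes) -> list:
    """Keep only the least significant bit of each 8-bit sample."""
    return [s & 1 for s in samples]

def estimated_min_entropy_bits(samples: bytes) -> float:
    """Most-common-value estimate over the LSBs: -log2(p_max) per bit.
    Crude upper bound: it sees bias, not correlation between samples."""
    bits = lsb_bits(samples)
    if not bits:
        return 0.0
    p_max = max(Counter(bits).values()) / len(bits)
    return max(0.0, -math.log2(p_max)) * len(bits)

def condition(samples: bytes, out_bits: int = 128, margin: float = 2.0) -> bytes:
    """Hash raw samples down to out_bits, refusing when the estimate says the
    input holds less than margin * out_bits of entropy. The hash only
    concentrates entropy that is already there; it cannot add any."""
    have = estimated_min_entropy_bits(samples)
    need = margin * out_bits
    if have < need:
        raise ValueError(f"only ~{have:.0f} bits estimated, need {need:.0f}")
    return hashlib.sha256(samples).digest()[: out_bits // 8]

# Constructed stand-ins for a capture from the sound device (not recordings).
_rng = random.Random(2000)
NOISY = bytes(_rng.randrange(256) for _ in range(1024))   # noisy input
SILENT = bytes([0x80]) * 1024                             # muted or stuck ADC
# LSB is 1 in roughly 90% of samples: heavily biased source
BIASED = bytes(0x80 if i % 10 == 0 else 0x81 for i in range(1024))

if __name__ == "__main__":
    print("noisy ->", condition(NOISY).hex())
    for name, buf in (("silent", SILENT), ("biased", BIASED)):
        try:
            condition(buf)
        except ValueError as err:
            print(name, "rejected:", err)
```

A muted or stuck input would still produce a perfectly random-looking digest, which is why the estimate is taken on the raw samples and not on the hash output.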