From: Eugene Leitl (Eugene.Leitl@lrz.uni-muenchen.de)
Date: Fri Aug 31 2001 - 06:19:31 MDT
On Fri, 31 Aug 2001, Samantha Atkins wrote:
> I am no expert but I have heard it claimed that steganography gives
> really illusory additional protection against pros (e.g. Feds) as they
> have good tools for finding such hidden information flows.
About 90% of available steganography packages can be broken, in the sense
1) you realize there is a hidden message in there 2) you can extract the
cypher, not plain (you weren't that foolish to use plain in stegano, were
you?). You're still left with the rather hard task of breaking the
cryptosystem, or extract the passphrase by perp surveillance or rubberhose
cryptoanalysis (it's not elegant, but, hey, it works).
However, there are remaining 10% of steganography packages which will be
hard to crack. In case you're interested, I can give you a list of the
good ones.
The main value of steganography is that it makes screening for it very,
very expensive. The intelligence communicty itself doesn't have the
resources, and the ISPs would go broke trying to comply with snooping
requirements.
Though CPU is pretty cheap right now, realtime sophisticated statistical
and spectral traffic analysis will remain expensive, because the traffic
is adaptive. Multimedia and VR streams will become very common in the next
decade.
> On most forms of encryption the simplest way to circumvent,
> particularly if you are a spook, is to plant software on the user
> system that finds any keys and so on and send them along to you.
Absolutely. Planting a hardware box in your keyboard or keyboard cable
will record every single key you entered. Ditto applies for software
keystroke loggers. Passphrases can be frequently recovered by analysing
swap space.
However, to install these you have to enter the premises, which can be
detected with tripwire, both low and high tech. Remote expoits are
useless, if crypto is conducted in hardened compartments, such as
dedicated crypto boxes, or an air gap protected machine, exchanging
*nonexecutable* files via MOD sneakernet. Such a machine can be made to be
very hard to analyze using TEMPEST.
A wearable is very interesting for doing crypto, because it is always
under your control, and it's low power, particularly the hud. Easy to
shield, if you know what you're doing. Of course, if you're on wireless
network, you're still required to do the deep secret stuff in a dedicated
tamper-proof hardware box.
> All of that said, only a fool would not at least try for better
> security.
Absolute security is infinitely expensive. However, with a very modest
effort you can make it very, very hard for Mallory. Phasing out clear
streams in favour of cypher will make some people, very, very upset. Man
in the middle is still largely academic these days, and can easily be
prevented by reading the key fingerprints over audio.
-- Eugen* Leitl leitl
______________________________________________________________
ICBMTO : N48 10'07'' E011 33'53'' http://www.lrz.de/~ui22204
57F9CFD3: ED90 0433 EB74 E4A9 537F CFF5 86E7 629B 57F9 CFD3
This archive was generated by hypermail 2.1.5 : Sat Nov 02 2002 - 08:10:17 MST