Earlier, Sergey Goldgaber wrote:
encrypts a signature but an identifier so as to know which program actually ^^^^^^^^^ You were originally referring to PGP in particular, were you not?
Nope.
Yes, I understand that your proposal is compatible with a variety of other schemes. However, as you note below, this provides very limited security, unless the key is _non_standardized.
What do you mean by non-standardised ?
"Pseudo-Stego" can be relatively secure as long as a large number of different hiding schemes/standards are used by the public.
This is limited by the availability of software and the inherent qualities medium being used to carry the hidden information. In any case, if the modulation method(s) is/are public, it by itself can't be used to provide any means of security.
An effective means of ensuring this would be to use the reciever's public-key checksum-value as the standard offset for stego. The large number of public-keys available make it rather infeasable for one's opponents to try them all. This, I believe, provides pretty adequate security (assuming one strips any telltale headers off the hidden file beforehand).
As for offset, do you mean that the public-key checksum value determines how much prepended 'garbage' to skip over before the real stego data becomes available ? This still doesn't work, because it means not only a lot of wasted bandwidth, but makes it a requirement to have a public-key in the first place -- any unnecessary tie in. All you want is a quick means to determine whether data has been modulated into the medium, and if it has by what particular item of software. This needs to be hidden by some means (eg (cheaply) : s/ware_id + sigma(i=0-n) passwd[i] + csum) and, as you say, the information itself needs to be unstructured. Therefore, you can pull pictures off alt.binaries.pictures.contemporary, run it though something w/ a password "russian_mole" and see whether your software says "I see this looks like it has a file created by program #s/ware_id, let me extract it". Matthew. -- Matthew Gream. ph: (02)-821-2043. M.Gream@uts.edu.au. PGPMail and brown paperbags accepted. - Non Servatum - ''weirdo's make the world go around'' - A.Watts