-----BEGIN PGP SIGNED MESSAGE----- On Sun, 22 Mar 1998, John Young wrote:
The New York Times, March 22, 1998, p. 31.
New Method To Veil Data Could Upstage Export Policy
Cryptologists find a way to foil eavesdroppers without secret codes.
As if steganography was new.
The new approach, which is described in a short technical paper that has been posted to Mr. Rivest's M.I.T. Web site (http://theory.lcs.mit.edu/~rivest/chaffing.txt), is described as "chaffing and winnowing" digital information instead of encrypting it.
Using steganoraphic techniques on low-level elements of network communication (packets) was considered many years ago in this very forum. A particular suggestion seemed much more effective than Rivest's proposal. It aim was to hide information among seemingly innocuous communication. Whereas, it is obvious to any observer of a "chaffing" exchange that an abnormal exchange was taking place. Of course, if all communication was "chaffed" then that same exchange would seem perfectly ordinary. However, the chaffing technique (creating "bogus" packets, transmitting them along with the real information, and seperating the two) creates a lot of overhead... which may not use much bandwidth if used occasionally, but would create a serious problem if everyone did it all the time.
According to Mr. Rivest's paper, it is possible to hide a message by breaking it into packets that are then secretly identified as good information, or "wheat," and gibberish, or "chaff," in such a way that an eavesdropper cannot distinguish the two.
The earlier suggestion was to hide information in unused, least significant, portions of the packet _header_, leaving the data portion intact. Thus, the overhead of creating "bogus" packets is eliminated, the bandwidth used in sending them is conserved, and the processing power used in seperating the "wheat" from the "chaff" is freed. Further, by all accounts, the data transmitted would seem perfectly ordinary to an eavesdropper. It could be a poem or a picture. However, it would be completely irrelevant, as the real message is hidden in the header. Finally, there are the more traditional steganographic techniques such as using the least significant bits of gifs, jpegs, and wavs. And, most intriguing of all, mimic functions. ............................................................................ . Sergey Goldgaber <sergey@el.net> Senior System Engineer . ............................................................................ . To him who does not know the world is on fire, I have nothing to say . . - Bertholt Brecht . ............................................................................ -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBNRVG+Mgbnd/MibbZAQEaRwP9Fy825U05t9xyHa0vN5wFFCNBR0NHrik0 cFBG357a1+MRA90uxvUztB736uf71a39HP0172sjyAg3TXVG9MEpCxFDDa6OZAWQ 9Xgq9TSaUTJUXJVsockFTHF6F9zDLIAvw2s365J4dr3++Uj/JreaaX7pcLVmCujO DkuInR89aG8= =B9nV -----END PGP SIGNATURE-----