On Thu, 22 Apr 2004, Major Variola (ret) wrote:
At 12:09 PM 4/22/04 +0200, Eugen Leitl wrote:
Are you truly expecting a worldwide ban on encryption? How do you
somebody is using encryption on a steganographic channel?
Torture, of the sender, receiver, or their families, has worked
At 05:56 PM 4/22/04 +0200, Thomas Shaddack wrote: prove pretty
well. If you're good you don't even leave marks.
However, it's not entirely reliable. At some point, the suspect tells you what you want to hear, whether or not it is the truth, just so you leave him alone. It can even happen that the suspect convinces himself that what he really did what he was supposed to do.
Interrogators check out each confession. First ones won't work, bogus keys. Just noise. Second confession reveals pork recipes hidden in landscape pictures. Beneath that layer of filesystem is stego'd some porn. Beneath that, homosexual porn. But your interrogators want the address book stego'd beneath that. They know that these are stego distraction levels, uninteresting to them. You'll give it to them eventually. If you give them a believable but fake one, it will damage innocents or true members of your association.
This brings another ofren underestimated problem into the area of cryptosystem design, the "rubberhose resistance".
My comments were written with that in mind. I'm familiar with filesystems (etc) with layers of deniable stego. I wonder how quickly one could incinerate a memory card in the field with high success rate? Destroy the data and the passphrases don't help.