I know a lot of times the idea behind steganography is to hide the fact that a secret message is in a seemingly normal file/mail/whatever. This is good for avoiding unwanted interest in your file. The benefit of not having people attempt to crack you code, added to the strength of the cryptosystem is wonderful. However, I propose this-- Don't hide that anything's encrypted! Rather than hide this fact, throw it in their face! I propose hiding an encrypted message inside another encrypted message. Set bits in specific places to data in the real message. The benefit is Oscar not only doesn't know what the crypto is, he attacks the wrong message. Hiding statistically random bits from the true message in statistically random bits from the masking message shouldn't be too hard. Granted, this scheme doesn't get you past measures designed to keep out all encrypted messages, and it surely wouldn't keep you message from generating interest, but it would be very hard to decrypt the message, especially when some algorithm is used which (seemingly) randomly selects which bits to use for the stego. Just a thought... My apologies if someone has already proposed this method. Patrick