In reference to a message by Mike Johnson: I was thinking of steganography as being in two stages: first, you encrypt, (possibly with the identity transformation) then, you embed your encrypted message in your medium of transmission. My previous message was describing requirements for a strong encryption algorithm, quite apart from the actual embedding. I stand by my statements: the purpose of steganography is to make it difficult or impossible for an interloper to determine that enciphered data are being transferred. Thus, embedding a magic number in the file defeats the purpose completely. (As opposed to "slightly reducing security.") I accept your correction regarding availability of software. I think that designing a program to embed this apparently random bitstream in an innocent-looking file is a different and much harder problem. It is probable that I have misunderstood some part of your message, and I apologize if this is the case. Kragen (Bug my sysman for a newsreader that allows quoting with >'s-his username is jim.)
I was thinking of steganography as being in two stages: first, you encrypt, (possibly with the identity transformation) then, you embed your encrypted message in your medium of transmission. My previous message was describing
An interesting related topic is subliminal channels and messages. A subliminal channel is one in which communication takes place without an external observer realizing it. The classic example is communication between two prisoners (I guess they played the prisoner's dilemma and both wound up in jail anyway). Two prisoners are allowed to communicate, but the warden is suspicious so he intercepts all traffic, reads it, and then passes it on. The prisoners demand that they be able to digitally sign messages to prevent forgeries by the warden. The warden demands he be able to read the messages (no PGP). All parties agree to these terms and the communication begins. Basically, the prisoners communicate in the open (the message readable by the warden) but they also communicate with a "subliminal channel" the warden isn't aware of: the digital signature. The prisoners sign their messages in such a way as to communicate a few bits of information with each message passed along. The digital signatures can be verified, so the warden suspects nothing. Eventually, the prisoners work out their stories and are released. :-) As I remember, and I don't have the book here with me now, Seberry and Peipryzk's book describes this, and gives several examples of subliminal channel algorithms, of which I only recall El Gamal`s at the moment. Perhaps Arto Salaama's "Public Key Cryptography" contains more information. /-----------------------------------\ | Karl L. Barrus | | elee9sf@menudo.uh.edu | <- preferred address | barrus@tree.egr.uh.edu (NeXTMail) | \-----------------------------------/
participants (2)
-
elee9sf@Menudo.UH.EDU
-
TO1SITTLER@APSICC.APS.EDU