xor data hiding?

J. Michael Diehl mdiehl at triton.unm.edu
Tue Jul 13 17:51:48 PDT 1993


According to Douglas Sinclair:
> 
> What you are talking about sounds like the original Vernam cipher that Dave
> Kahn talks about in _CodeBreakers_.  There, he was using a teletype with two 
> XORing tapes.  One tape was 1000 characters long, the other was 999.  Thus,
> 999000 characters would have to go past before the system repeated.  HOWEVER,
> once it does repeat, all security is compromized.  Even before that time,
> I believe there are subtle attacks you can use based on the repetition of the 
> keys.  So, this is not a secure cipher method.  I would personally 
> suggest tacking an 128 bit IDEA key onto 4dos.com instead.  Or use
> DES even.

The point wasn't to be unbreakably secure; it was to be UNFINDABLY secure.  We
convolute an allready encrypted message to the point of not being recognizable
as cyphertext, then we hide it on the end of a file.  We want it to look like
garbage.

> BTW: Though you could come up with a 30Kb+ string which when XORed would
> give you any plaintext, you could not come up with a few small strings
> which when used over each other would give you that.  There just isn't enough
> information to make that possible.

Agreed.  This leaves us with several OTP's laying around in zip format.  This 
isn't so bad as long as we don't forget the original 7 keys.  The main purpose
of all of this is plausible deniability.

Thanx for your comments.  Still listening.

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl at triton.unm.edu |   But, I was mistaken.      |available|
| mike.diehl at fido.org   |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|            Politically Incorrect!"   <Me>                     |
+-----If codes are outlawed, only criminals wil have codes.-----+
+----Is Big Brother in your phone?  If you don't know, ask me---+





More information about the cypherpunks-legacy mailing list