signed mail + steganography = ?
CVL staff member Nate Sammons
nate at VIS.ColoState.EDU
Mon Oct 25 18:10:09 PDT 1993
-----BEGIN PGP SIGNED MESSAGE-----
writes Peter Baumbach:
>
>What if you couldn't tell when a letter was signed unless you new the
>public key of the person signing it? How could this be done? Encode
>the digital signature with steganography. Is this possible when
>steganography alters the very message you wish to sign? I don't know.
>
>The benefit of this is signed and unsigned messages look like each other.
>People can't be lazy anymore and just assume the signature is yours.
>Your boss isn't likely going to notice you used pgp to sign your mail.
>
>Peter Baumbach
>baumbach at atmel.com
>
>
What if you were to use a higher number of bits per character than
ascii? Then you could use the highest (or lowest) bit for a signature.
This may not be such a good idea for ascii mail, but if there is ever
a real "multi-media" (I _hate_ that term) mail, such as 'ol NeXTmail,
then I can see how it would be easy to squeeze in a signature.
- -nate
- --
+-----------------------------------------------------------------------+
| Nate Sammons email: nate at VIS.ColoState.Edu
| Colorado State University Computer Visualization Laboratory
| Finger nate at monet.VIS.ColoState.Edu for my PGP key
| Key fingerprint = 2D CD 07 CA 7B EC A8 4A 86 7F F3 A8 1D 15 65 46
| Title 18 USC 2511 and 18 USC 2703 Protected --> Monitoring Forbidden
+--------+ Guerrilla Cryptographer Always remember "Brazil"
More information about the cypherpunks-legacy
mailing list