Standard for Stenography?
Black Unicorn
unicorn at access.digex.net
Thu Mar 3 04:07:43 PST 1994
->
The reason for the "STENOGRAPHY" field is to assist your computer in
determining if this is a stenography file & that the correct key was
chosen without attempting to decrypt the whole file. I know that this
presents the possibility of a small "known plaintext attack", but a good
encryption system should stand up to such an attack. RSA can ...
can't it?
<-
The problem with your approach (I believe) is that if MY computer
can (without an attempt at desteging and decryption with the proper
key) tell the file is a stego file, then anyone can filter all
traffic and just pick out the stego files.
This of course removes half (or most) of the incentive to use
stego in the first place.
The flaw in your basic motivation is that you place processing
speed at a higher value than security.
Even if the only loss were a small known plaintext attack potential,
it still is not worth (IMHO) the security shortfall that results.
Have I misunderstood your suggestion?
-uni- (Dark)
More information about the cypherpunks-legacy
mailing list