Testing for encryption. (fwd)
Sunder
sunder at sunder.net
Thu Feb 22 09:03:45 PST 2001
Jim Choate wrote:
>
> Yeah, yeah, yeah. Only problem is the constraint that GPG must be
> specified as the allowed source encryption standard a priori. This was NOT
> in the original problem description.
>
> There is NO algorithm which will determine if an arbitrary piece of text
> is encrypted by an arbitrary algorithm. You can tell, at least
> statistically if a particular piece of arbitrary text ISN'T a particular
> algorithm or language either. Again, not the same problem.
>
Yes, but you >CAN< specify that PGP and GPG and OpenPGP and other flavors
are acceptible.
However, for a closed mailing list you simply require a particular (or
a set of) flavor of email encryptors which the listserver will understand.
Simple. Solved. Done.
So your arguement is bullshit. These have clear text tags indicating what
the encrypted data was encrypted with. End of story.
You can check the level of entropy in a block, which will tell you that
it is either random, random looking, or encrypted.
Certain encryption algorithms MAY have some characteristics over just
plain random data. For instance WWII engima had a flaw whereby if you
encoded an "A" you would never get back an "A". This was very useful
for Bletchley.
If you're trying to detect whether or not there's hidden stego in
something there are several ways to find out. One is simply if you get
two copies of the same media, you can compare them. Another is to look
for statistical differences in the low bits based on the program that
generated them. You'll find that the low bits of audio for instance
aren't all that random usually... etc...
If you've got a good stego program, it will try to compensate for the
bits it changes. Depending on how good it is, you can figure it out.
--
----------------------Kaos-Keraunos-Kybernetos---------------------------
+ ^ + :Surveillance cameras|Passwords are like underwear. You don't /|\
\|/ :aren't security. A |share them, you don't hang them on your/\|/\
<--*-->:camera won't stop a |monitor, or under your keyboard, you \/|\/
/|\ :masked killer, but |don't email them, or put them on a web \|/
+ v + :will violate privacy|site, and you must change them very often.
--------_sunder_ at _sunder_._net_------- http://www.sunder.net ------------
More information about the cypherpunks-legacy
mailing list