On Wed, 29 May 1996, Brian Murrell wrote:
> from the quill of Michael Dillon <michael @
memra .
com> on scroll
> <Pine .
BSI .
3 .
93 .
960528213237 .
27524P-100000 @
sidhe .
memra .
com>
> > On Tue, 28 May 1996, Bill Stout wrote:
> > > 2. The ability to snoop for encrypted traffic is present
> >
> > This is quite easy once you are monitoring unless the encrypted traffic
> > is
> > steganographic in nature.
>
> Michael; you got me. I spent some 10 minutes trying to find out what
> steganographic means. It's not even in the Oxford Concise bla bla bla
> dictionary. What does steganographic mean??
:-) dictionaries are obsolete, the web rules!
Steganography is a technique of hiding information in pictures. You do
this by stealing one bit per pixel and encoding your info in the stolen
bits. This alters the picture very slightly but not enough for anyone to
notice. If you hunt for "steganography" on the web you will come across at
least one program for Macs that does this. There may be more these days.
Since the technique relies on lots of "noise" to hide the information I
don't see how it can be monitored except possibly for certain well-known
steganography techniques such as the Mac program.
> To your point, how can one - without successfully decrypting traffic know
> that it's encrypted and not just jibberish sent down the line to confuse
> the snooping and decrypting parties?? Even if an encryption scheme leaves
> a signature that is easily lifted out, I could make my jibberish have the
> same signature.
Statistical analysis can do wonders, but probably not if you intentionally
send the encypted data along with jibberish, i.e. hide it in noise.
> > They might not be 100% sure about this but if they can decrypt DES-1 (and
> > most people believe this ability has existed since DES-1 was specified)
> > then it is easy to guess that DES-3 was used when a decrypted sample
> > comes
> > up unidentified.
>
> What says it's not idea, or one of the many other encryption methods out
> there that they have not broken yet. Process of elimination only works if
> you can elimiate *all* other possibilities.
These guys have probably done statistical analyses on lots of encrypted
messages using every known technique, but they *ALSO* have lots of
chutzpah. On the other hand, maybe it's a hoax and somebody who knew the
experimenter was trying DES-3 called up his friend Guido in the drama
school to go up there and frighten him. Who knows?
> Absolute compute power has nothing to
> do with it. Relative compute power does. How much compute power one party
> can afford vs. another party will affect the feasibility of encryption.
Right you are. I was only looking at the decrypt side of things.
Michael Dillon ISP & Internet Consulting
Memra Software Inc. Fax: +1-604-546-3049
http://www.memra.com E-mail: michael @
memra .
com
References:
|
|
