Re(2): A GPG version of the PGPstealth program?

Andrew Marlow apm35 at
Wed Aug 29 23:08:02 CEST 2001

tftp at writes:
>--- Andrew Marlow <apm35 at> wrote:
>You can also XOR the GPG data with a text from a Bible.
>It would make an acceptable keystream for your purposes...
>even better than what you propose :-)

Not so. Take a look at the stealth web site
for the technical details:-
>> This is the bit where I *deny* that there is a secret msg.
>The attacker can use the same algorithm - and your own
>public key as the secret key - to produce the GPG stream,
>which will prove that this is a GPG message. 

I probably did not make myself clear enough.
The idea is that the attacker is assumed to have
knowledge of all steg methods so it is assumed
that the attacker will do this. But when they do they
just gets the stealth'd data which is DENIABLE.

>The number
>of stego algorithms is finite, 
I do not believe in security thru obscurity (STO).
Steg on its own is STO which doesn't work since
the truth will always out in the end. My interest
is in combining steg with deniable public key crypto.

>and if you want to get somewhere
>with this idea you probably have to use an outer envelope that
>can not be deciphered into anything but noise without the unique,
>secretly maintained, key.

The process of making the PGP/GPG stream
resemble noise is what stealth is designed to do.
>You see, public key crypto and stego have opposite purposes. The
>PKI allows anyone to receive (and recognize them, of course!)
>crypto messages. Steganography systems go to great length to
>hide even the fact that there is a second message somewhere...

I agree ;-)
>I am still unsure how valuable the second layer of encryption
>would be, especially using publicly available "secret" key...

The steg I would like to use employs a symmetric
key, otherwise it would be very trivial STO.
And we all know the trouble with symmetric key
exchange. The people with whom I communicate
in this way would be advised that the key is my
public key, which adds a bit more obscurity to the
STO but does not suffer the inconvenience of
maintaining symmetric keys with all the people
>but if you really want to do that, there are plenty of simple
>ciphers, block or stream, that can be implemented in 100 lines
>of any language. 
The strength of crypto lies in the strength of the
algorithm and the key, and these are assessed
by peer review. Thus I have no desire to
(re)invent unproven crypto not subject to such
review. There is plenty of strong crypto already
out there. PGP/GPG is my favourite. I would use it.
I would not invent my own.

>You only need to export the public key and
>then use it (all or portion of it) as a symmetric key.


More information about the Gnupg-devel mailing list