integrating GPG with deniable steganography

Matthias Urlichs smurf at
Tue Mar 20 21:03:03 CET 2001


Florian Weimer:
> > Hmm. Don't most crypto algorithms just look like random bits when you
> > don't have the key?
> Yes, but random bits are suspicious because they are very rare under
> normal circumstances.
I don't need random bits. I just need something to hide behind. That
something can be randomness (it doesn't have to be 100% random; 10%
random is fine too, I just need more bits -- the end result might even
show _more_ correlation than the input file), but it can also be
something entirely different.

For instance, I might take an MP3 encoder or a JPEG compressor. I might
then let the computer fiddle with the data of each basic unit (the
image's 8x8 block, for instance) until the decompressed data stream's
low-order bits (or the result of hashing them with MD5 or whatever)
"just happens to" yield my crypted data. IMHO, it's impossible to prove
that there exists no combination of encoder parameters plus input data
which emits exactly this MP3 data stream or JPEG image under "normal"
circumstances -- it's a lossy compression, after all, thus you can't get
the original data back no matter how hard you try because you cannot
know which bits the algorithm threw away. Thus, the NSA's fancy
randomness detection algorithms are 100% worthless.

Matthias Urlichs     |     noris network AG     |

More information about the Gnupg-devel mailing list