Corrupting files

Samuel ]slund samuel at Update.UU.SE
Tue Jun 13 09:02:26 CEST 2006


On Mon, Jun 12, 2006 at 11:55:54PM +0200, Ingo Klöcker wrote:
> No, it doesn't. You are still believing in security-by-obscurity meaning 
> that your additional "encryption" only works as long as you and the 
> recipient are the only ones who know the secret rule.

Please Ingo, _all_ encryption is based on "security-by-obscurity" if an 
attacker finds the secret key _any_ encryption system is toast.

> Anyway, why do you actually think that what you want to do would make 
> any sense? If the encryption algorithm you use is too weak so that 
> additional "encryption" methods are necessary then you probably 
> shouldn't use this encryption algorithm in the first place. And if the 
> encryption algorithm you use is strong enough (e.g. AES) then you gain 
> nothing by additional "encyrption" methods unless those additional 
> "encryption" methods are an even stronger encryption algorithm than the 
> first one (but then why apply the first one).

I can think of some possible scenarios; if an attacker is has automated the 
attacks, especially with attacks tailored for each known algorithm, then 
making the message not conform to known algorithms and structure should 
break the automation. Another could be, how would an attacker tell the 
difference between a random intercepted file that has been corrupted in 
transit and one with an additional human decryption step, e.g. during the 
window between key compromise and revocation. In this case we are dealing 
with humans that does not necessarily have huge amounts of resources and 
patience.

I'd be impressed by any people communicating that actually had the 
patience to keep up this kind of scheme, since any communication needs 
manual intervention.

//Samuel




More information about the Gnupg-users mailing list