Is it possible to decide what is a gpg file?
Melikamp T. Medley
melikamp at melikamp.com
Wed Nov 18 02:06:51 CET 2009
Thank you, Robert.
OK so I looked it up and I think what I want is called "deniable encryption".
I was just hoping that people here would recommend some FOSS tool to
deniably encrypt individual files. If there is no such tool, I am just going to
write one.
The rest of this message describes the kind of "deniable encryption"
that I want. The tool should meet these practical goals:
(0) FOSS license
(1) Can encrypt individual files
(3) Can add salt (like a passphrase)
(2) Deniable encryption:
Given a file A with random data and a ciphertext B (cleartext is unknown),
it should be impossible to guess which is which more than half the time.
(3) Deniability is robust:
Given a file A with random data and a ciphertext B (cleartext is *known*),
it should be infeasible to prove with certainty much above 0.5 that
B is the ciphertext. This implies that obtaining the passphrase is
impractical and actually feels like a much stronger property.
I know a bit about information theory, and it seems to me that there is
at least one elementary way to encrypt a file in a way that is "undetectable".
One can xor the cleartext by a large pad. Decrypting requires the
same pad: anything else will produce garbage. Almost every ciphertext
looks like random data. The downside is that (partially) knowing the
cleartext would allow to reconstruct the pad, and hence other
ciphertext constructed with the same pad would be compromised.
A more advanced way to achieve the same goal is to take a passphrase
and to use it to construct a ciphertext. The hardest part, as far as I
understand, is in showing that it is infeasible to reconstruct the
passphrase, even when one has cleartext-ciphertext pairs, and that is
where the math becomes very useful.
But enough of me rambling. Thank you all in advance :)
> There are a lot of qualifiers on the "no, not really." A lot of Ph.D.
> theses have been written on this subject: it ties into some really deep
> areas of theoretical computer science. If you want to learn more about
> the qualifiers, I'd suggest reading up on algorithmic randomness and
> Kolmogorov-Chaitin complexity. It won't be easy reading, but speaking
> personally, I find this stuff fascinating.
More information about the Gnupg-users
mailing list