MOO-cows Mailing List Archive


Re: encrypt/decrypt



>>>>> "Seth" == Seth I Rich <sir@po.cwru.edu> writes:

    Seth> (I'm not clear who wrote this -- I haven't been reading this
    Seth> thread but this paragraph screamed out at me.)

    >> But I maintain, it is not making the data unrecognizable that
    >> is hard, it is hiding the information about HOW you made it
    >> unrecognizable so that no one can just walk in, and steal the
    >> password, and have access to your system.

    Seth> Bad bad bad.  This isn't how crypto works.  What you suggest
    Seth> is called "security by obscurity" by people who are being
    Seth> kind.  What crypto experts promote are open and testable
    Seth> algorithms -- if the encryption is crackable it's not
    Seth> secure, that's the end of it.  (If a crypto company claims
    Seth> to have a `proprietary' algorithm, odds are it's crap.
    Seth> Especially if they say something like: BriarCrypt is highly
    Seth> immune to all decryption techniques, and we'll give you $400
    Seth> and five free licenses if you crack this encrypted message:
    Seth> FDSHKFYHRIA49821384YWQHDKJWA79.)

    Seth> It -is- about making the data unrecognizable.  If you know
    Seth> that document `foo' is PGP-encrypted, that does you no good
    Seth> -- you can't read it unless you know the keys or brute-force
    Seth> it somehow.  That's where the strength of the encrypting
    Seth> comes in -- not in hiding -how- you did it, but in ensuring
    Seth> that the mechanism you used is reliable.

I think the previous author was concerned with what is more properly
called the key passing protocol problem.  How do you give certain
people a key without giving "the enemy" a key also?

The other problem is stealth.  If it is not possible to detect that
any communication is occurring at all, then that communication is more
secure than if it were merely encrypted.  In the military, LPI (Low
Probability of Intercept) techniques are used to make it hard to
detect that any signal is being broadcast.

On the internet, there are ample opportunities to "conceal" a message:
embed "errors" in large binary files, such as porno gifs or jpegs
("correcting" the checksum accordingly) and the receiver knows where
these files are posted, such as to newsgroups.  Use an unadulterated
copy of the file for the key to decode, and post that somewhere else,
preferably long before, so it will be long gone off the newsgroup by
the time it is needed to decrypt a stealth message.

Another technique used by the military is meteor scattering.  They
bounce the signals off of meteor bursts that leave ionized regions in
the ionosphere.  This way, their transmitting antenna points upwards,
but the signal can be received at other places on the ground.  Due to
the noisy nature of these ionized regions, error correcting codes are
used to make sure the message is not corrupted.  The idea is to make
it impossible to determine the source of a signal.  The enemy does not
need to know what you are saying to realize that it is not his side
saying it.  The result is that he lobs a shell in the direction of
your antenna and knocks you out.  Meteor scattering conceals the
originator's location.

The analogous internet technique is IP address spoofing.

Combine stealth, originator location concealment, and encryption, and
you have a reasonable means to get your message through, undetected,
or if detected, so they cannot trace it back to you, and they cannot
understand what you said.  The signature aspect
of encryption allows you to identify yourself to your desired
recipient, so he need not worry about forgeries.

I have noticed the past several weeks that the routes chosen by many
of my connections seem much slower than usual.  I have done
traceroutes, and find that often times, this slowness is due to
routing my traffic all the way to Reston Virginia and back again, even
though the machine I was communicating with was physically only about
6 miles away from me.

Given the TWA plane that crashed off Long Island, which looks like it
might be a terrorist bombing, and the bomb at the Olympics in Atlanta,
Georgia, I suspect that the DOD, NSA, CIA, and FBI are monitoring
internet traffic a bit more thoroughly than they used to :-)

			 "Watch what you say,
			And who you say it to;
			That Great Big Brother
		      Just may be watching you!"

-- 
--------  "And there came a writing to him from Elijah"  [2Ch 21:12]  --------
Robert Jay Brown III  rj@eli.wariat.org  http://eli.wariat.org  1 847 705-0424
Elijah Laboratories Inc.;  37 South Greenwood Avenue;  Palatine, IL 60067-6328
-----  M o d e l i n g   t h e   M e t h o d s   o f   t h e   M i n d  ------

