integrating GPG with deniable steganography

Bernd Jendrissek berndj at prism.co.za
Tue Mar 20 16:51:07 CET 2001 

On Tue, Mar 20, 2001 at 02:39:21PM -0000, Marlow, Andrew (London) wrote:
> > I think no steganography algorithms with this property are a publicly
> > known today.  Steganography is about at the level cryptography was
> > several hundred years ago.
> 	[Marlow, Andrew (London)]  How depressing.
> 	Well I would rather not use steg than use a form of steg that is
> security-through-obscurity (STO). The trouble with STO is that is gives an
> ill-founded sense of well-being. STO does not work.
> 
> 	I still think that deniable steg is possible and other posts on this
> thread seem to agree. But it is hard and we are in the early stages of
> exploration.

Some thoughts on steg, encryption and RIP (whatever that is)

What would RIP do to me if a message I received contained this:

-----BEGIN (fake) PGP MESSAGE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

VGhpcyBiYXNlNjQgZW5jb2RlZCB0ZXh0IGNvdWxkIGp1c3QgYXMgd2VsbCBoYXZl
IGJlZW4gcmFuZG9tIGJ5dGVzLgo=
-----END (fake) PGP MESSAGE-----

or  similar?  The "(fake)" would  not appear in such a decoy  message.  Any
law that  gives authorities power to force decryption in  IMNSHO just plain
braindead. But gnupg-devel already knows that.

If I were  strapped to a chair with a nice bright light  shining right into
my eyes, and a friendly  voice said, "Please  decrypt this  message for us"
I would still say, "Sorry, there's  nothing there.  It's random data."

The only  difference I see between normal  encryption (with OpenPGP headers
and all) and  steganography is that  steg is less convenient to spot.  Does
that  mean that  steg is  just STO?  I  don't  know, IANASE.   But it seems
anything I can claim about a steganographically hidden  message, I can also
claim about a conventionally  encrypted message.  Maybe less  convincingly,
but still.  Either way no authority can prove squat without my cooperation.

Given the  existence of laws that can  force one to yield  decryption keys,
does  anything  stand in the  way of new laws that  force one to  yield the
same information one uses to detect the use of steganography?

Against  Truly  Evil  Organisations,  nothing is good  enough. If I were an
Evil Overlord and wanted to know what Alice sent Bob, I would put Bob, whom
I previously  captured, into a torture  chamber and say, "Every message you
reveal makes me release one more  cannister of painless nerve gas." I would
painstakingly proceed to torture Bob as well as I could, neglecting to tell
him that the cannisters really contain only dry ice. From Bob's perspective
it is in his best interest to reveal all messages ASAP.

The  mentality  that  says "If you're  hiding  something you're  guilty  of
*something*, I don't  know what"  This  places the  burden of  proof on the
accused, not on the prosecution, where it belongs.

I lean  toward  thinking that  steganography is security-through-obscurity,
with the proviso that it must be *very* obscure.

Maybe otherwise law-abiding people who want their privacy  respected should
start  regularly sending each  other pure entropy.  Then way  one can later
claim  that a message is  just chaff,  even if  it  isn't, with  some  more
credibility.  I'll  start;  here are  256 random  bytes for me.  I dare any
authorities to force me to decrypt this.  I would ROTFL.

-----BEGIN PGP MESSAGE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org

hQGOA5wnmG/F9JPzEAX9Fa7p+i/tQxfXkX1xsrVwX+rZvBTQQtice9ZRhxfJkC3+
9CsMmVUO0N+PoQE3z65B8Pvg3seHl16UPuuLU28vZS6xuh3n/biahCxvBKxUi7T5
yuL6Pntmy8UV0AD8myZEaE5EzC/Tkf807apKcMf6ktaZ/MBUmwQFfhdBKGjNBNEx
9zvSyFD6Z5O4+QQyMcXgWxRIKAEbGug9XRz+lZw5VpLCjXbjxjeImRMBDn+1Mp3k
Wte5I89c+AO2Q5RrKD2+BgC0+vt3PZgu/wL1mqMDSuqAoQkm1qroQA+EPEzIgNXH
LQquzSJXhWkrC1HiiwLqBehkyEeVVgJts9SroHoFPQFAxHhG7Rx9b+d/o1b7bCBQ
qtH58tZqY41vqC4nTSjqAoMecfl3ZXC4Xhw79AUtmyND+A1JZGjgg9FNOOy83Eoc
JrVZMAZFa2ZBxiFP+83A8IM7V0srvO5scWCME18U8Cau3IVTOvYJErVm/WSKAHf1
nvjjUPP/Qhuo5viGHc2pv8fSwH8BhGyfPv5qTh9Q0sjisk0w508g+BicBm2/Y6RY
g4QPGrEqjwx//d2Wy2CLigKggiNs9eeri3ImLTh3tZ/8jNZjVDyM2BVQZKCT1ool
diGY9HptJx6w//zxKZIXi3ryUjL7mT3SzGl9no6rKAtQirtw1HGCxlsrx5FCVjpL
wemIsSJKW3GK+PMTTlUMF4wWyy1g7uAGXxyFOVLaPaEPMvamNZUGycghtksoPB76
wZXxGN3+rYJ79iFmkuXtsxWkddkr8jwPL5ULG7OUbo7fA1G1ADYqZ8wKU8HMrqXc
H2lmKEN5XTCSLYjUG6HXvS5MFvfQl/6eOHI5LC0DoDVXnnIH1o72Pt7wjKM9/VH7
yGDvukGstaM7pdIN8u47xeCP0CZWPk3k6YgM5cJqf3ER8bgJHz+RkoNJLSapycFU
UdZX
=pFvf
-----END PGP MESSAGE-----

Does anyone want some more encrypted chaff?

Bernd Jendrissek

More information about the Gnupg-devel mailing list