NSA explains how to redact documents electronically
Steven M. Bellovin
smb at cs.columbia.edu
Wed Jan 25 01:53:24 EST 2006
In message <20060125030247.93612.qmail at simone.iecc.com>, John Levine writes:
>>http://www.fas.org/sgp/othergov/dod/nsa-redact.pdf
>>
>>One wonders how long it will be till someone finds an error...
>
>Even if it's right, it's so complicated that it seems rather
>optimistic to expect people to follow it correctly every time.
I agree. It's also very dependent on the exact options that Microsoft
and Adobe have currently implemented. Minor changes could screw this
up completely.
>
>I don't claim to be a big security guru, but if I were planning to
>distribute a redacted PDF document, I'd render it to a bitmap, then
>turn the bitmap back into a PDF and ship that, a digital version of
>printing it out and scanning it back in. On Unixish systems, one can
>do that in about five minutes with freeware tools like ghostscript and
>xpdf.
That's more or less what they did when they declassified Skipjack,
though they may have used a real printer and scanner instead. Some
people laughed at NSA's technical ineptitude -- didn't they know how to
print to PDF directly? Others realized that NSA understood the problem
at a much deeper level.
--Steven M. Bellovin, http://www.cs.columbia.edu/~smb
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list