[Cryptography] Steganography and bringing encryption to a piece of paper

Michael Kjörling michael at kjorling.se
Sat Jul 19 17:11:26 EDT 2014 

On 19 Jul 2014 00:25 +0200, from gregory at alvarez-garcia.com (Grégory Alvarez):
> The meaning needs to be altered if we want to hide a message. I was
> thinking about extracting a phrase from internet (or a database) that
> contain a ciphertext word and use it in the final encrypted message. This
> will allow to maintain a coherence between the words. The downsides are :
> 
> - You need to send the ciphertext words over the internet to look for
> phrases, someone can intercept them. Using a database require a lot of
> information and storage. It may not be practical.
> - The final message will contain a phrase for every ciphertext word, it's
> very long.
> 
> I don't think this idea will work.

There's another reason why that wouldn't really work. The database can
be local; storage these days is relatively cheap. Let's say we have
the ciphertext words HOT, RESEARCHER, PRETTY, TIME, SUSPICIOUS. Try
this; each sentence contains one of the words:

"I'd say that 55+ C is too hot for a disk. The best approach entirely
depends on the skills and equipment in possession of the researcher,
or whoever is configuring the emulator. It gives a pretty error
message and dies. Wow, that was a long time ago! We are suspicious of
people who stay up too late."

A message like that would stand out a little, wouldn't it? Yet, I just
copied five relatively innocous sentences from various discussion
forum posts, blog posts and emails I happened to have around the
computer, and fixed one obvious typo. It just doesn't look like
something a human would write, and I'm pretty sure even a poorly
trained, relatively naiive Bayesian filter would pick it out as
warranting a closer look.

Project Gutenberg has published (in April 2010) a DL DVD containing
almost 30,000 books in less than 8 GB, which should be plenty. Many
computers these days even have enough RAM that all of that could be
held in _cache_.

Making the resultant text _reliably_ look like something a human would
write is likely a much more difficult problem to solve.

-- 
Michael Kjörling • http://michael.kjorling.semichael at kjorling.se
OpenPGP B501AC6429EF4514 http://michael.kjorling.se/public-keys/pgp
                “People who think they know everything really annoy
                those of us who know we don’t.” (Bjarne Stroustrup)

More information about the cryptography mailing list