Return-Path: <azb@llnl.gov> Delivered-To: fc@all.net Received: from 204.181.12.215 by localhost with POP3 (fetchmail-5.1.0) for fc@localhost (single-drop); Mon, 24 Sep 2001 12:28:09 -0700 (PDT) Received: (qmail 31655 invoked by uid 510); 24 Sep 2001 19:25:59 -0000 Received: from smtp-1.llnl.gov (128.115.250.81) by 204.181.12.215 with SMTP; 24 Sep 2001 19:25:59 -0000 Received: from poptop.llnl.gov (localhost [127.0.0.1]) by smtp-1.llnl.gov (8.9.3/8.9.3/LLNL-gateway-1.0) with ESMTP id MAA08633 for <fc@all.net>; Mon, 24 Sep 2001 12:25:37 -0700 (PDT) Received: from catalyst.llnl.gov (catalyst.llnl.gov [128.115.222.68]) by poptop.llnl.gov (8.8.8/LLNL-3.0.2/pop.llnl.gov-5.1) with ESMTP id MAA22503 for <fc@all.net>; Mon, 24 Sep 2001 12:25:38 -0700 (PDT) Message-Id: <4.3.2.7.2.20010924121517.00b82100@poptop.llnl.gov> X-Sender: e048786@poptop.llnl.gov X-Mailer: QUALCOMM Windows Eudora Version 4.3.2 Date: Mon, 24 Sep 2001 12:26:40 -0700 To: fc@all.net From: Tony Bartoletti <azb@llnl.gov> Subject: Re: [iwar] [fc:Research.slaps.crypto-banning.Feds] (fwd) In-Reply-To: <200109241910.MAA05774@big.all.net> Content-Type: text/plain; charset="us-ascii"; format=flowed At 12:10 PM 9/24/01 -0700, you wrote: >You haven't visited out lab lately... > >FC :) No excuse on my part! I am sure that researchers apply a great variety of means to attempt to ferret out hidden content. But we also recognize that "one-time-pad" is both low-tech and unbreakable, and in conjunction with steganography, suffices to obscure even the existence of a hidden content. Granted, use of otp presents logistical difficulties (pre-agreement of keys). Of course, I assume it was not your lab that claimed to assert no significant steganography was in use. Central to my point, though, is that one cannot generally establish the non-existence of something by failing to find it. ____tony____ >Per the message sent by Tony Bartoletti: > >Although the hype about "widespread use of crypto/steganography by >terrorists" is probably overblown, I am curious how any group could examine >a graphic image to determine if steganography were in use. Aside from >thousands of possible encoding schemes that could be used to embed a >"plain-text" message, one must consider that the text could easily be >obscured beforehand by some combination of compression or otherwise "weak" >encryption. The combinations and variations are staggering, and if you >don't hit upon the right one, you see nothing out of the ordinary. > >As much as I oppose "crypto-banning" in general, I find the statement "The >researchers discuss, and dismiss, the possibility >that strong passwords were being used" to be patently self-serving. > >____tony____ > >--This communication is confidential to the parties it is intended to serve-- >Fred Cohen Fred Cohen & Associates.........tel/fax:925-454-0171 >fc@all.net The University of New Haven.....http://www.unhca.com/ >http://all.net/ Sandia National Laboratories....tel:925-294-2087 Tony Bartoletti 925-422-3881 <azb@llnl.gov> Information Operations, Warfare and Assurance Center Lawrence Livermore National Laboratory Livermore, CA 94551-9900
This archive was generated by hypermail 2.1.2 : 2001-09-29 21:08:49 PDT