Are basic principles flawed?

[Nic.Alderson@yeg.co.uk]

Consider the following:

1) I am intent on hiding my organisation's activity - for nefarious
reasons.
2) I design an encryption tool to encrypt the meaning (not the content)
of a document delivering an output in plain text as a readable document.
In simplest form this could be no more than word substitution - but this
should be vastly more sophisticated.
3) I encrypt this output using a second tool to scramble the content (or
maybe I don't bother).
4) I publish the output of 3 in the public domain to Echelon or any
other legal/illegal snooping technique.
5) I become the target of intensive surveillance and I am obliged to
deliver the key for action 3 and/or the authorities break the encryption
unbeknown to me.

The purpose of step 3 is obfuscation only.

Three things are achieved:-
a) I can argue that the output from 2 is the genuine article and has not
been encrypted when interrogated under RIPA.
b) Echelon (or any like snooper) will be mislead.
c) Attempts to decrypt the meaning should sufficiently ambiguous to be
meaningless. (i.e. many forms of arguably valid (readable) output could
be achieved).


This does not help the bona fide user and only works for text - but it
is the principle I am after.  =20
It undermines the basic tenet of these approaches to snooping and RIPA

Nic



<NOTE:The information in this email is intended for the person it is addres=
sed to. If you are not the named addressee, you must not copy, distribute o=
r take any action as a result of the information in it. Yorkshire Electrici=
ty Group plc cannot give any warranties or assurances about the safety and =
content of this email and any attachments. Yorkshire Electricity Group plc =
does not accept any responsibility for viruses and it is your responsibilit=
y to scan the email and any attachments.>