Are basic principles flawed?

[Owen Lewis]

> -----Original Message-----
> From: ukcrypto-admin@chiark.greenend.org.uk
> [mailto:ukcrypto-admin@chiark.greenend.org.uk]On Behalf Of
> Nic.Alderson@yeg.co.uk
> Sent: 11 July 2001 10:10
> To: ukcrypto@chiark.greenend.org.uk
> Subject: Are basic principles flawed?
>
>
> Consider the following:
>
> 1) I am intent on hiding my organisation's activity - for nefarious
> reasons.
> 2) I design an encryption tool to encrypt the meaning (not the content)
> of a document delivering an output in plain text as a readable document.
> In simplest form this could be no more than word substitution - but this
> should be vastly more sophisticated.


This is commonly referred to as 'veiled speech' and is very widely used.


> 3) I encrypt this output using a second tool to scramble the content (or
> maybe I don't bother).
> 4) I publish the output of 3 in the public domain to Echelon or any
> other legal/illegal snooping technique.
> 5) I become the target of intensive surveillance and I am obliged to
> deliver the key for action 3 and/or the authorities break the encryption
> unbeknown to me.
>
> The purpose of step 3 is obfuscation only.
>
> Three things are achieved:-
> a) I can argue that the output from 2 is the genuine article and has not
> been encrypted when interrogated under RIPA.
> b) Echelon (or any like snooper) will be mislead.
> c) Attempts to decrypt the meaning should sufficiently ambiguous to be
> meaningless. (i.e. many forms of arguably valid (readable) output could
> be achieved).

If I understand you correctly, what you are doing at 2 is not encryption but
very simple coding, i.e. the substitution of a word or words for another or
others for the purpose of concealing meaning.
>
>
> This does not help the bona fide user and only works for text - but it
> is the principle I am after.
> It undermines the basic tenet of these approaches to snooping and RIPA

I do not see that it does. Word substitution codes are enormously easier to
break than are good ciphers, resembling a good crossword puzzle rather more
than anything else. A suitable computer analysis will rip through most like
a knife through butter.

However, it is possible to design one that operates much more akin to a
manual one time pad system. Such could raise the level of difficulty in
decoding to level close to that of a very good cipher, however, in doing
this the content will become entirely scrambles and it can no longer present
as normal content. Such a system would be extremely laborious and
error-prone.

A third approach would be to conceal information in a graphics file in a
manner where, the graphic can be viewed and the presence the information is
undetectable unless one has the original graphics file to compare against.
But this is a cipher system that uses a key.

I can't see that any of this affects the current situation re. 'snooping' or
the application of RIPA. The relevant provisions of RIPA are aimed at
subverting any sense of inviolability in the use of PKC.


Owen