In today's Times - now more stego mythology

Ian G Batten I.G.Batten at ftel.co.uk
Mon, 15 Oct 2001 15:10:18 +0100


On Sun, 07 Oct 2001, Ross Anderson wrote:

> A journalist called me from the Times and told me he'd had a
> briefing from the security service on steganography. He had a
> lot of strange ideas, and I spent maybe 30 minutes trying to
> explain the sort of things that are common knowledge to
> members of this list. In particular, all we appear to know so
> far is that the bad guys used plaintext emails, and this is
> precisely what one expects a competent opponent to do: you do
> not want to draw attention to yourself by being among the few
> users of an exotic confidentiality or anonymity service, and
> in any case normal emails are hidden in just the same way as a
> pebble on Brighton beach (Caspar's analogy).

As a layman, I've always assumed that the military and the spooks simply
misunderstand the nature of criminals.  ``Official'' users of crypto need
to exchange large amounts of material between large numbers of users.
They have to generate and/or distribute large amounts of keymat, because
thousands of users will be shipping tens of thousands of messages every
day, many of those messages being large, and many being proforma.

By contrast, criminals, terrorists, resistance workers, etc need to
exchange very small amounts of data very infrequently.  Their
organisation is predicated on minimum communication, maximum
deniability, so techniques the government can't use for entire armies
are perfectly viable for six people exchanging limited items amongst
themselves.  The protagonists will be keen not to leave any links
between themselves anyway, so simply watching the Telegraph for an
advert reading:

                        Les sanglots longs
                        Des violons
                         De l'automne

to give 48 hours notice, and:

                        Blessent mon coeur
                        D'une langueur
                         Monotone.

for action is as good a mechanism as any.  And on minuscule amounts of
cyphertext, hand ciphers would actually be pretty good (how easy would
double playfair be to break on a depth of thirty characters?), and
keymat for a manual one-time pad would be trivial to generate.  Call me
paranoid, but I've always assumed those bible quotes and
incomprehensible love messages in the papers (or Private Eye, in
particular) are mostly coded: after all, who reads the Times' classified
each morning on the off chance they might get a note from fluffy bunny?

Meanwhile, the spooks are looking for massive communication networks
with complex key distribution, large volumes of cyphertext, the
infrastructure of military power.  If you are an army, perhaps you
assume that everyone else is, likewise, an army.  Leo Marks' book
``Between Silk and Cyanide'' has much to say on this.

ian