Camouflage that message !

Ben Laurie ben at algroup.co.uk
Tue, 25 Sep 2001 09:10:10 +0100 

George Foot wrote:
> It is a simple matter to select Pointers to indicate a number, for
> example thirteen, different locations in the Pad and from each of these
> locations to derive a string of random bytes which can then  be
> EORed together to form a new string.  This new string becomes the
> camouflage string for a particular message and is unique to that
> message.
> 
> In deriving the camouflage string from the Pad there is no constraint
> whatever on the selection of locations in the Pad for Pointers.  The
> choice of Pointers is wholly independent of any other consideration.
> 
> The camouflage string must be reproduced precisely for successful
> decryption using exactly the same Pointers as were used for
> camouflage.  With a billion bytes from which to choose, even an
> incorrect selection by a single byte in respect of the location of only
> one of the Pointers will produce a totally meaningless result instead of
> revealing the plaintext of the message.
> 
> The term Camouflage is chosen for this method to emphasise that a
> simple camouflaging operation is all that is necessary to conceal the
> meaning of a message.  This is in contrast to the complex
> mathematical transformations which are more generally employed.
> The total computational effort is not only much reduced but
> particularly for short messages becomes very small indeed and the
> simplest of computers is adequate for the task.
> 
> The camouflaging method may be considered advantageous for the
> encryption of messages when commercial security is required.   The
> effective Key Space is very large indeed.  Depending on the
> application, there may be no need to retain knowledge of the Key after
> a message is transmitted.
> 
> No principles are involved which are fundamentally new.   If indeed
> the method should already be in use elsewhere I should be pleased to
> have information on experience which has been gained.   If there are
> drawbacks I should be glad to hear of them.

You haven't explained how you get the "Pointers" from one end to the
other. Nor does the idea that this method reduces load hold much water -
RC4, for example, is very lightweight (as are all symmetric ciphers,
when you get down to it) and can be done on even the most limited
hardware. Plus you have required access to at least a gigabyte of
storage. My Palm can't do that, but it can easily manage RC4.

Cheers,

Ben.

--
http://www.apache-ssl.org/ben.html

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff