Distinguishing Encrypted Data From Random Data? 467
gust5av writes "I'm working on a little script to provide very simple and easy to use steganography. I'm using bash together with cryptsetup (without LUKS), and the plausible deniability lies in writing to different parts of a container file. On decryption you specify the offset of the hidden data. Together with a dynamically expanding filesystem, this makes it possible to have an arbitrary number of hidden volumes in a file. It is implausible to reveal the encrypted data without the password, but is it possible to prove there is encrypted data where you claim there's not? If I give someone one file containing random data and another containing data encrypted with AES, will he be able to tell which is which?"
Re:iieorjoeghoiuhtr (Score:4, Funny)
Trick question! It is random text that's been encrypted!
Re:Lifting the Lid on the Guilty Yid (Score:2, Funny)
Re:iieorjoeghoiuhtr (Score:3, Funny)
Re:Well (Score:5, Funny)
Re:It's all about entropy (Score:3, Funny)
Re:Well (Score:5, Funny)
Weird. I guess I there's a bug in my ROT13 implementation. If I run my text through twice, I just get the original message.
Just do what they did with DES... use 3rot13 and you're much more secure than the original implementation.
Sure, you have to use... (Score:1, Funny)
Math.
Be sure to use some math and it'll all be good
Re:Ignore the person holding the phone book. (Score:3, Funny)
Re:Ignore the person holding the phone book. (Score:3, Funny)
They will need to give it a significant civilian use, so it should come with an attachment that lets you beat the marketing department and PHBs to death with a paper towel roller.
Re:iieorjoeghoiuhtr (Score:4, Funny)
Looks Welsh...
NSA? Bah. (Score:4, Funny)
I don't work for any 3-letter agency and even I could easily get the information needed.
With the right tools. [xkcd.com]
Re:Ignore the person holding the phone book. (Score:5, Funny)
they aren't going to drug / beat every single person coming onto an airplane
If you fly US Airways, there's a $25 service charge if you want to get beaten and drugged before boarding. I remember when that shit used to be included in the base ticket price.
Re:Ignore the person holding the phone book. (Score:5, Funny)
If your jpgs look like everybody elses jpgs both visually and under close analytical scrutiny they aren't going to bother you.
I've developed a fascinating algorithm for encoding hidden data by slightly modulating breast sizes, but this comment is too small to contain it.
Re:It's all about entropy (Score:3, Funny)
Re:One more level... (Score:5, Funny)
But a good defense attorney would apply the same principle to show that the prosecution's legal submissions were really steganography hiding insults to the judge's mother.
Re:No, you ALL miss the point. (Score:3, Funny)
You tell them you just visited your cousin Jim, who had an old hard drive he didn't want anymore, and you needed a spare so he gave it to you, but not before he ran "dd if=/dev/urandom of=/dev/sda1" because he didn't want you having his old tax documents. All you've done with it since is install the OS...
...and a copy of Truecrypt into Program Files.
Re:iieorjoeghoiuhtr (Score:5, Funny)
Re:It's all about entropy (Score:3, Funny)
Better yet: Make it compressed headerless video. Claim you're recording Uranus.