[2362] in cryptography@c2.net mail archive

Re: More MAC fun

daemon@ATHENA.MIT.EDU (Mike Rosing)
Wed Mar 25 14:46:15 1998

Date: Wed, 25 Mar 1998 09:16:46 -0600 (CST)
From: Mike Rosing <cryptech@Mcs.Net>
cc: cryptography@c2.net
In-Reply-To: <Pine.LNX.3.96.980324164125.28175B-100000@alpha.sea-to-sky.net>



On Tue, 24 Mar 1998, Steve Reid wrote:

> It's an obvious thing to do, and I expect it's practical as well. 
> Suppose you have a protocol that sends packets of plaintext data along
> with a 128-bit MAC to detect tampering. Instead of sending the 128-bit
> MAC, send 64 bits of encrypted cargo and a 64-bit MAC of the regular
> plaintext and the cargo. This would normally cause the recipient to
> reject the packet (the 128 bits is not a 128-bit MAC of the plaintext) 
> so the software would have to be modified to decrypt the cargo and check
> the 64-bit MAC. With this done, however, the protocol behaves just as
> before (any tampering is detected by the 64-bit MAC) except that you now
> have an invisible channel.
> 
> I believe this is more secure than stegoing data into jpegs and such. 
> Statistical analysis may be able to detect stego in image and sound
> files, but MACs are _supposed_ to have the same statistical properties
> as encrypted messages.
> 
> Comments?

I think it's a great stego idea, but it's still "illegal for export".
The ratio of data to MAC could be played with as well to make the
detection process more difficult. That is, change it from 64/64 to
range (randomly?) between 48/96 and 96/48 (data/MAC).  Would be a useful
channel to hide data with.

Patience, persistence, truth,
Dr. mike
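
The fixed 64/64 layout from the quoted description, as an added example that is not part of either post. It shows what the change does to the integrity check: an unmodified receiver rejects the field, a modified one accepts it and still detects tampering, but only with a 64-bit tag. Assumptions: truncated HMAC-SHA256 stands in for the protocol's 128-bit MAC, the cargo cipher is a PRF keystream tied to a packet sequence number, and all function and constant names are hypothetical.

```python
import hashlib
import hmac

FIELD_LEN = 16   # the 128-bit MAC field from the post
CARGO_LEN = 8    # 64 bits of cargo, leaving a 64-bit MAC

def _prf(key: bytes, data: bytes) -> bytes:
    # Assumption: HMAC-SHA256 stands in for whatever MAC the protocol uses.
    return hmac.new(key, data, hashlib.sha256).digest()

def _xor_cargo(enc_key: bytes, seq: int, data: bytes) -> bytes:
    # Stand-in cipher (assumption): XOR with a PRF keystream bound to the
    # packet sequence number, which must never repeat under one key.
    stream = _prf(enc_key, b"cargo" + seq.to_bytes(8, "big"))
    return bytes(a ^ b for a, b in zip(data, stream))

def _short_mac(mac_key: bytes, plaintext: bytes, enc_cargo: bytes) -> bytes:
    # Length prefix keeps the plaintext/cargo boundary unambiguous.
    msg = len(plaintext).to_bytes(8, "big") + plaintext + enc_cargo
    return _prf(mac_key, msg)[:FIELD_LEN - CARGO_LEN]

def standard_verify(mac_key: bytes, plaintext: bytes, field: bytes) -> bool:
    """Unmodified receiver: the field must be a 128-bit MAC of the plaintext."""
    return hmac.compare_digest(_prf(mac_key, plaintext)[:FIELD_LEN], field)

def build_field(mac_key, enc_key, seq, plaintext, cargo):
    """Modified sender: 64 bits of encrypted cargo, then a 64-bit MAC."""
    if len(cargo) != CARGO_LEN:
        raise ValueError("cargo must be exactly 8 bytes")
    enc_cargo = _xor_cargo(enc_key, seq, cargo)
    return enc_cargo + _short_mac(mac_key, plaintext, enc_cargo)

def open_field(mac_key, enc_key, seq, plaintext, field):
    """Modified receiver: return the cargo, or None if the packet was altered."""
    if len(field) != FIELD_LEN:
        return None
    enc_cargo, tag = field[:CARGO_LEN], field[CARGO_LEN:]
    if not hmac.compare_digest(_short_mac(mac_key, plaintext, enc_cargo), tag):
        return None
    return _xor_cargo(enc_key, seq, enc_cargo)
```

The field is still 16 bytes on the wire, but a forger now has to match only 64 tag bits instead of 128.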


