 
     |
| security. (Page 1/1) |
|
maryjane
|
NOV 14, 10:16 PM
|
|
|
|
|
theogre
|
NOV 15, 12:42 AM
|
|
From a quick read of second link....
Sounds like Steganography on Steroids and Crack and many more heavy drugs.
Steganography, very short example:
You hind parts or all data you want to sent somewhere in one or more jpg etc images.
Even w/o using AES RSA and other encryption, secret data is often hard to impossible to read w/o correct tools.
If you use small secrets relative to picture file(s) size and very good encryption, very few outside of NSA etc w/ easy access to super computing no-one is likely to even notice "the bloat" if any cause the secret data. If done right likely can even survive photo editing sim to many editor software saves EXIF etc data attach to most photos.
EXIF metadata in JPG and others saves "Camera's" model, SN, Lens and Exposure data, GPS data and more deepening on just what took a picture. Unless you disable EXIF saving after edits most default is to keep it on any "children" files. (Note that you can edit, delete or add EXIF fields by using Win Properties and 3rd parties. Example: Many add © notices even tho is often deleted by others.) If you use IrfanView, open file, press I, click EXIF at bottom, to see a lot more then Win Properties.
Steganography data can look like valid data or noise in JPG etc file and many things will kept the "noise" unless many maybe you use some edit filters.
------------------
Dr. Ian Malcolm: Yeah, but your scientists were so preoccupied with whether or not they could, they didn't stop to think if they should.
(Jurassic Park)
The Ogre's Fiero Cave[This message has been edited by theogre (edited 11-15-2020).]
|
|
|
|
82-T/A [At Work]
|
NOV 15, 08:21 AM
|
|
Very cool algorithm, but I don't like how the article suggests it is completely able to obfuscate information and operation, which is simply not true.
For one, doing any kind of encryption creates a level of entropy, which will make it stand out at a minimum (one does not look like the other). Second, any behavior of the application can eventually be patterned, even if the encryption protocol itself was what was doing the encryption (e.g., it was replacing TLS). Under current constructs... most applications (console, desktop, or otherwise) have white space, and eliminating that white space, or encryption general, will make the file or data stand-out.
Still, cool stuff... math is everything.
|
|
|
blackrams
|
NOV 15, 11:32 AM
|
|
I am by far the least qualified person to discuss this but, this I will suggest, if indistinguishability obfuscation (io) is actually possible today or in the near future and this powerful cryptographic tool is coming, I'd think that our and other IT security folks would be all over it and this group would not have to be attempting to sell it per se. If, it's as good as Aayush Jain says...
Just call me a skeptic. If the shoe fits, wear it. 
Rams[This message has been edited by blackrams (edited 11-15-2020).]
|
|
|
|