 |
|
A new type of encryption for data security in a paranoid age
Due to the depredations of the governments on our rights, specifically the right to silence and the right to privacy, traditional key-escrow and newer public-private key systems are limited. For instance, the UK government has now outlawed secrets. If asked by a police officer, you MUST hand over your encryption keys. If you refuse, or if you cannot PROVE you have forgotten or lost it/them, then you can be jailed for a long time.
To combat this very real threat, new systems have already evolved. The use of a hotmail or other web-based email account is common to hide from spam or those who would seek to know who was sending the email they were getting (Spammers!). On a similar vein, how can any message be kept a secret if you must give your name and password to the authorities, on request, under penalty of law? Simple. Hide the data within other data.
A new system called Publius came into being recently, which uses cryptographic techniques to encrypt and split a message, such that any one part is useless, and a minimum number is required to gain access. These parts are then mirrored to a number of sites, within various countries. If half of the servers were shut down, the message could still be fully recovered, but no one server holds even half of the total message. This frees the server owner from any threat of his server being confiscated due to content on it, as nothing on his server can even be read!
Now, steganography, the technique of burying encrypted text in other files, such as pictures, in order to disguise the fact confidential messages are been exchanged, is almost as old as cryptography itself. However my system is a little different.
I propose a new system which is the inverse of Publius. You take your data, and the program (we shall call it Secrius) encrypts it. However, it takes each file of your data, and combines them together. A different password would be used for each file contained in the data block. By combining an innocent text file with your memoirs, or a bitmap of your countries flag with your accounts, you would have one file with two passwords. Decryption with one password would provide no indication of the content, or even existance, of the other files.
When someone threatens you to give your password, you can give one. This will 'prove' the file is innocent. Since it is impossible to know how many files and passwords there are for any given file, a search of every possible key phrase would be required to prove there was nothing of dubious content. This would be impractical. Even if it were not, some huge number of the results from any set of files would return bomb threats and intrigue.
Liken the process to a very simple code. From the start of this paragraph, 16, 9, 11, 7, 6, 2, gives 'secret', whereas 14, 1, 4, 22, 12, gives 'cLear'. The first code is continuous, in that you continue from where you just got the last character from, and the second restarts from the start of the paragraph each time. It can be seen that any arbitary word or phrase can be created. With compression and encryption this would result in a system that was almost unstoppable.
For example, a short message could be sent, containing this 'signature', and it could be applied to a standard text file, with the password, inside Securius, to generate a message. A more secure way would be to combine the two so that almost any message could be constructed if a password was entered. This would mean there was no 'right' or 'wrong' password, but you would get the wrong message with the wrong password!
This would ensure the privacy of your personal data, if a number of usefully long passwords were used, even if you or your data files were tortured!
UPDATE: The internet now has a new way to hide your message inside the pointless, annoying spam that you get! www.spammimic.com does just that. Try it out on the message below. Just go to "decode".
<Cut Below here>
Dear Friend , We know you are interested in receiving
cutting-edge news ! If you no longer wish to receive
our publications simply reply with a Subject: of "REMOVE"
and you will immediately be removed from our mailing
list ! This mail is being sent in compliance with Senate
bill 1620 ; Title 6 , Section 302 ! This is NOT unsolicited
bulk mail . Why work for somebody else when you can
become rich in 84 DAYS . Have you ever noticed how
many people you know are on the Internet and society
seems to be moving faster and faster . Well, now is
your chance to capitalize on this . WE will help YOU
increase customer response by 120% plus decrease perceived
waiting time by 180% . You are guaranteed to succeed
because we take all the risk . But don't believe us
. Prof Ames who resides in Connecticut tried us and
says "Now I'm rich many more things are possible" .
We assure you that we operate within all applicable
laws . We BESEECH you - act now . Sign up a friend
and you'll get a discount of 80% ! Thanks . Dear Internet
user ; We know you are interested in receiving hot
information . If you no longer wish to receive our
publications simply reply with a Subject: of "REMOVE"
and you will immediately be removed from our mailing
list ! This mail is being sent in compliance with Senate
bill 1626 , Title 1 ; Section 306 ! This is not multi-level
marketing ! Why work for somebody else when you can
become rich inside 50 WEEKS ! Have you ever noticed
nearly every commercial on television has a .com on
in it & nobody is getting any younger . Well, now is
your chance to capitalize on this . We will help you
increase customer response by 160% plus use credit
cards on your website ! You are guaranteed to succeed
because we take all the risk ! But don't believe us
. Mr Ames who resides in Arizona tried us and says
"Now I'm rich, Rich, RICH" ! This offer is 100% legal
! We IMPLORE you - act now . Sign up a friend and you
get half off . Cheers . Dear Friend ; Especially for
you - this breath-taking information ! We will comply
with all removal requests . This mail is being sent
in compliance with Senate bill 1816 , Title 1 , Section
304 . THIS IS NOT A GET RICH SCHEME ! Why work for
somebody else when you can become rich in 53 months
! Have you ever noticed more people than ever are surfing
the web & nobody is getting any younger . Well, now
is your chance to capitalize on this . WE will help
YOU sell more and process your orders within seconds
! The best thing about our system is that it is absolutely
risk free for you ! But don't believe us . Ms Anderson
of Pennsylvania tried us and says "I was skeptical
but it worked for me" ! We assure you that we operate
within all applicable laws ! We beseech you - act now
! Sign up a friend and you'll get a discount of 50%
! Thanks . Dear Colleague , This letter was specially
selected to be sent to you . If you are not interested
in our publications and wish to be removed from our
lists, simply do NOT respond and ignore this mail !
This mail is being sent in compliance with Senate bill
2716 ; Title 6 ; Section 301 . This is different than
anything else you've seen . Why work for somebody else
when you can become rich inside 65 days ! Have you
ever noticed people love convenience and society seems
to be moving faster and faster ! Well, now is your
chance to capitalize on this ! WE will help YOU deliver
goods right to the customer's doorstep & deliver goods
right to the customer's doorstep ! The best thing about
our system is that it is absolutely risk free for you
! But don't believe us . Ms Jones of Mississippi tried
us and says "My only problem now is where to park all
my cars" . We are a BBB member in good standing ! We
IMPLORE you - act now ! Sign up a friend and your friend
will be rich too . Thanks .
<Ends>
This is a fairly good encryption engine, since changing one character will change the resulting message quite a lot. Obviously, it is limited since it still has to look like spam!
Back to Index