Australia's promised “not-a-backdoor” crypto-busting bill is out and the government has kept its word - it doesn't want a backdoor, just the keys to your front one.
The draft of The Assistance and Access Bill 2018 calls for anyone using or selling communications services in Australia will be subject to police orders for access to private data.
That includes all vendors of computers, phones, apps, social media and cloud services in the Lucky Country, and anyone within national borders using them. These data-tapping orders will be enforced with fines of up to AU$10m (US$7.3m) for companies or $50,000 ($36,368) for individuals
The draft legislation also wants five years in prison for anyone who reveals a data-slurping investigation is going on. And while there's no explicit encryption backdoor requirements in the 110 page draft bill, our first look suggests there doesn't need to be.
(Score: 2) by JoeMerchant on Wednesday August 15 2018, @01:46PM (3 children)
There is no encryption system which can "prove" that you haven't hidden another message in it.
🌻🌻 [google.com]
(Score: 2) by edIII on Thursday August 16 2018, @08:19PM (2 children)
Depends on what you mean by "prove". Technically, the feature you alluded to previously is called Deniable encryption [wikipedia.org]. Encryption that supports that feature allows you to never be able to prove that you had hidden another message. You're asking for the opposite, to prove that no other message exists.
Not all encryption supports deniability. In those methods, it's not difficult to more or less prove that the encryption method isn't hiding additional data. At least not facilitated by that encryption. However, nothing prevents you from performing multiple passes, with each pass differently encrypted. If the final plaintext that is produced has no datatype signatures, conforms to no standards we know, contains no known data structures, and essentially looks like random noise, then yes, it will be very difficult to prove that another message was NOT hidden in it. That's because deniable encryption looks just like noise. The high entropy of that noise, the better.
Many traditional encryption methods leave identifiable signatures too. Deniable encryption is about removing all such signatures and leaving you with "unprovable" noise that resists all analysis.
Technically, lunchtime is at any moment. It's just a wave function.
(Score: 2) by JoeMerchant on Thursday August 16 2018, @08:35PM (1 child)
Some story I recently consumed about WWII African mail back home included a bit about the code that the corresponding couple used to communicate through the censors. They basically blathered on about inane stuff like the recent cricket match, the weather, somebody's scorpion bite, whatever, and the real message was encoded in the second letter of each first word on each line. The messages were still somewhat cryptic, such as "bowlerhatsoon", but that's enough for one to tell the other that they are being discharged (only civilians wear bowler hats) and rotating home soon, which is big/important news that the censors would have struck out (simply discarded the letter, most likely). The censors were free to read the entire message, but unable to decipher the true meaning and of course let it pass.
No information theory will ever manage to prove or disprove the existence of such messages, as long as you're allowed to send enough crap along, and with people sharing 16MP color photos of their meals every day, plus cat videos, I think there's plenty of bandwidth in which to cleverly hide just about any text you might ever want to communicate.
🌻🌻 [google.com]
(Score: 2) by edIII on Thursday August 16 2018, @10:30PM
That's reminiscent of the Japanese code book encryption, and to the Navajo communications, both in WWII as well.
It's worth noting that the reason why code books are secure, is that nobody understands the meaning of the individual words. However, the more they are used, and the more you can perform analysis of subsequent events associated with the coded conversations, the more you can deduce their meaning.
Code books not invulnerable precisely because they reuse the codes, and the opposite is the reason why one-time-pad encryption is the only provably unbreakable encryption around. One of the reasons why the Navajo were so secure is noted in bold above. That would not have protected them though over time, if the Japanese or Germans had enough transmissions and activity to analyze.
What you refer to at the end is Steganography, which can be combined with deniable encryption to encode messages in the random noise found in pretty much all pictures. Especially pictures in a night time setting produced by equipment not suited to low-light conditions.
WWII is indeed a very fascinating time period for the study of encryption.
Technically, lunchtime is at any moment. It's just a wave function.