[FoRK] Crypto protocol for only good news?

Dave Long <dave.long at bluewin.ch> on Fri Aug 18 15:53:13 PDT 2006

> First, to sidestep the geopolitical issues of gender selection, I'll
> use a new example: you've taped the big game, and you don't want your
> friend to tell you who won before you've had a chance to watch it...

There's a square root in keeping covert channels obscure, so they're  
more efficient for relatively infrequent events (like births) than for  
relatively frequent events (like big games).*

For instance, for only 1 bit, the only possibilities are one-sided, and  
the result is guaranteed to be as far from the expectation value as  
possible.  (The latter is no longer the case for two bits, but half of  
the possibilities are still single-outcome)

Consider the LFSR, which looks very random locally yet globally very  


:: :: ::

* the story goes that the Allied group who were in charge of producing  
bombing missions in hopes of provoking known-plaintext reports went to  
some trouble to bury their signal in the noise, but they needn't have  
bothered, as the German top brass didn't expect Enigma was compromised.

(I was very disappointed to discover that the "humboldt squids" which  
are said to fear Bruce Schneier are mere cephalopods, and not some kind  
of weak-link woodpecker super tempest devices useful for  
over-the-horizon clipping of a few quanta from the bits in your  
network, at the cost of consuming both truly astronomical amounts of  
LN2 and bushels of Arcata's finest)

see also "physics & philosophical pyromania"
"audio subliminal channels"
or, for the math involved, "more random stuff"

all of which basically rotate around this article:

Haldane, "The Faking of Genetical Results", Eureka 27, 1941

