Sorry, sent to author instead of list again. Message below. On Thu, Nov 19, 2009 at 11:02 AM, Brian Mearns <mearn...@gmail.com> wrote: > On Thu, Nov 19, 2009 at 10:26 AM, <ved...@hush.com> wrote: >> There is no way (yet, ;-) ), to do what you want in gnupg, as a >> gnupg encrypted file will show that it was encrypted either >> symmetrically or to a key. >> >> But, if you don't mind XOR-ing with a large pad, and you have a >> secure place to keep the pad, (not on the computer with the >> encrypted files), >> you can do something like the following: >> >> [1] Encrypt whatever file you want using gnupg, and the options of >> --throw-keyids --armor >> >> This will produce a ciphertext output of the encrypted file, with >> no information about the key it was encrypted to, except for the >> type (dh, rsa) and the size. >> >> [2] Find, or write, a document equal to or greater, than the size >> of the file in [1], and save it on your computer, and do not save >> the file in [1]. >> >> [3] Construct a pad that XOR's from the file in [2] to the file in >> [1]. >> >> [4] Save the pad securely somewhere else. >> >> [5] If the pad is discovered, people will expect to use it to apply >> to a ciphertext and recover a plaintext, not the other way around, >> and you have no ciphertexts on your computer, and even if it were >> used correctly to recover the ciphertext, the plaintext still >> cannot be recovered without the key and passphrase. >> >> BUT, >> >> Only you know what your threat model is. >> >> This will probably not be a good idea to use if your threat model >> includes dangerous determined adversaries who know the field. >> >> >> vedaal > [snip] > > I think you're very much over-complicating things. If you're going to > go through all the trouble of creating a pad of equal length to your > message, then just make it an OTP, XOR it with your message, and > you're done. No need for gpg at all in that case, and no need for a > cover document. > > If he wants to hide the fact that he has an encrypted document, that's > a completely different matter and calls for steganography. > > -Brian > > > > > -- > Feel free to contact me using PGP Encryption: > Key Id: 0x3AA70848 > Available from: http://keys.gnupg.net >
-- Feel free to contact me using PGP Encryption: Key Id: 0x3AA70848 Available from: http://keys.gnupg.net _______________________________________________ Gnupg-users mailing list Gnupg-users@gnupg.org http://lists.gnupg.org/mailman/listinfo/gnupg-users
