Re: A revision of my text stego scheme



On 11-05-22 3:56 AM, Mok-Kong Shen wrote:
Am 21.05.2011 23:48, schrieb Jeffrey Goldberg:

As I'm mentioned in other threads, it is fun to develop systems that the
users fully understand. But using such systems where it matters is
almost certainly going to be a mistake.

I don't understand your last sentence. The better a user understands
how a system works, the less (or at least not greater) should be his
chance of making errors in performing his work, right?

In my last sentence I was saying that the choice of a system that the
user fully understands is likely to be a mistake. I would have thought
that the example I provided of something using a Caesar cipher of his
own invention instead of using any of the AES finalists which he'd been
encouraged to use was a mistake.

But perhaps you are referring to my statement earlier in your my message
that people users of your system may not always encrypted before hiding.
In this case, your users may understand how the system works, but not
understand how the system fails. If the hidden message is not
effectively random than statistical analysis is far more likely to
discover the that there is steganography and the entire scheme.

If the system itself is sound, i.e. functions well if it is applied
correctly, doesn't this contradict your claim above? You could argue
on the other hand that in order to properly work with a (well built)
system one doesn't need to understand how it works (if one is careful
enough), but that's all what you could argue in this context, I am
afraid.

The systems that people understand tend to be far weaker than the
systems that they don't. Again look at my example of a Caesar cipher
(understood by the user) and AES, understood by far fewer people.

As to the issue of hash function, I must admit firstly that I am
apparently so influenced by my subjectivity that I feel strongly
against using it myself in this connection and secondly that my
knowledge about hash functions hithertofore is extremely meagre.

You don't need to understand how hash functions do what they do, but you
do need to understand what they do.

So I have a sincere request to you, since you are a supporter of
the application of hash in the present case: Could you please be
kind enough to find some minutes to do an experiments on, say,
5 text lines, to compare the two schemes and tell us of their
actual comparative merits? (Please also email me the code used
so that I could repeat your experiment.)

Sorry no. The portion of the program needed to generate modifications of
the text would be time consuming to write. Ideally it should be
interactive and display a bunch of choices with the right properties to
to user to chose among. I am not advocating this as a steganographic
tool, I am advocating this is an improvement on yours.


For German I know books e.g. "Richtiges
Deutsch leicht gemacht" of WAHRIG, which tells how to write good
German and in part shows alternative constructions for the same
statement. There must be English books of the same genre. Could
someone kindly provide a good extensive reference?

The usage guide for American English that those of us of a certain age
grew up on is Strunk and White's Elements of Style. There is a much
more recent book which I think is far better, but for the life of me I
can't remember the title or authors.

The "classic" book is "Modern English Usage" by Fowler, but that is more
of historical importance than a current reference.

Cheers,

-j


--
Jeffrey Goldberg http://goldmark.org/jeff/
I rarely read HTML or poorly quoting posts
Reply-To address is valid
.



Relevant Pages

  • Re: A revision of my text stego scheme
    ... user fully understands is likely to be a mistake. ... knowledge about hash functions hithertofore is extremely meagre. ... actual comparative merits? ... I am advocating this is an improvement on yours. ...
    (sci.crypt)
  • Re: I need wisdom, please
    ... a dumb thing to do. ... I'm sure you're advocating I encourage this behavior by accepting it. ... dumb/stupid thing to do and not be expected to make the same mistake over ... stupid mistakes. ...
    (sci.med.transcription)