PDA

View Full Version : graphic encryption (not stenographs)



Unregistered
12-19-2003, 09:38 PM
I am new to crypto but is there any way to use a picture as a key for an encryption program? It would make the key long and hard even for the NSA to crack because there are so many digital pictures out there on the net. Could you "randomly" select a pixels color palette and you that to encode the data? I know that to get a pixels color you just use the pick command. An ideas or link would be helpful.

DATA
12-21-2003, 05:06 AM
hi,



I am new to crypto but is there any way to use a picture as a key for an encryption program? It would make the key long and hard even for the NSA to crack because there are so many digital pictures out there on the net.


Since you say that its not about steganography,well ok.

Yes, a picture can be used as a key.

After all,what does the pixels of the picture contain? Its the color information in bits. In other words is a number. We can use a number as a key.

The one time pad is a perfectly secret cryptosystem,if the key generated is random and the pad is not repeated.

The length of they key alone doesn't give security, the encryption algorithm should have properties that make it hard to crack.





Could you "randomly" select a pixels color palette and you that to encode the data? I know that to get a pixels color you just use the pick command. An ideas or link would be helpful.


yes,thats the idea behind the one time pad. In one time pad we xor the plain text with the random key.

xor is bitwise addition modulo 2.

The question is how do you know that the random number generated is really random.

There are statistical tests such as the die hard battery which allows us to check for randomness. Other wise we can take any text and pass it over a one way hash function and call it random.


Regards Data.

Unregistered
12-22-2003, 04:23 PM
So, a picture would be a good key if I could make sure the pixels were picked in a random pattern

The algorithm would probably be xor to start with. Would that be a good start?

Any more ideas or hint of how to make it anymore secure would be helpful.
How about using this as the source for the random points o pick values from? www.lavarnd.org

DATA
12-23-2003, 02:32 AM
hi,


yes-it is a good source of random numbers,if it does every thing what it says in
http://www.lavarnd.org/what/how-it-works.html


look athe process
http://www.lavarnd.org/what/process.html

The basic idea is to take a still picture(an image) by enclosing the CCD chip(which transforms a captured image into pixels) in the Lavacan(the big black box that appears in the picture.
They say that the brightness(luminecense) in the box is chaotic in nature. We take this as input for generating random numbers.

For a brief intro on chaos look at.

http://www.imho.com/grae/chaos/chaos.html

http://opnoone.members.easyspace.com/
look for the chaos applet.Its a simple illustrartion of chaos.


The problem, is that even chaotic data has patterns hidden it,thus preventing it from being truely random.

So,in order to diffuse this pattern, they do a *7 way turn. its simply a permutation or transposition of the bits.See -

http://www.lavarnd.org/faq/n-way_turn.html

If you remember,the german enigma rotors used a transpostion cipher for encryption.

then we perform xor-rotate and fold .
The concept used is that of a linear feedback shift register. We use such registers popularly,in stream ciphers. Stream ciphers have annoying non-random properties . However,it can be used in combination with other systems,to make the output random.



The idea of xoring is to eliminate skew-

let us define probability between 0 and *.Let 'e' be the bias towards '*'. If bits are truely random p(0)=0.5 and p(*)= 0.5

If we define p(0)=0.5+e ,where e is the eccentricity

Xoring 4 bits yeild p(0)=0.25+(e^2)
p(0)=0.5+8*(0.25^4)
Even for a bias of e=0.25 ,
=0.5**250.5+8*(0.25^4)=0.5**25
The bias diminishes from 0.25 to 0.05**25


Next,they compute cryptographic hashes using SHA-*, a secure hash algorithm.call this(2). The design considerations were never made public.

they use a comination of both to produce the random number. this is how i understand it.


You can however test for randomness using george margalissa's die hard battery test. See if the random data passes the tests.

Google for die hard randomness test, you will find a test kit,for various operating systems.


And yes,you can use images as keys.

hope this helps.

Regards Data.