waxwing on Nostr: Steganographic broadcast? Adversarial model: the adversary controls the communication ...
Steganographic broadcast?
Adversarial model: the adversary controls the communication channel and only allows communications it approves.
Ideas: broadcast "normal" message M1 that passes through the censor wall.
Then broadcast secret key material M2 that decrypts M1 to M3 which is your intended broadcast. Call f(a,b)=c the function that decrypts two messages into the third.
For a typical f, like xor, this idea is dumb because M2 cannot be broadcast; it's random.
But posit a certain amount of computational power. Might it be possible to find pairs (M4, M5), which have two properties: *both M4 and M5* are inoffensive to the censor, *and* M6=f(M4, M5) gives your intended message?
The problem is more or less that of finding hash collisions or cycles. If f is xor, or mod add, it's reversible, so it seems like you could pad M6 (the output) with random bytes, instead of the input, and then grind, which in this application is a critical difference. But no: xor doesn't "diffuse" like a hash and so you can't grind like that. Does any such f exist?
Might Wagner's attack help? I think you could do it with hundreds of messages but that's a stretch.
(Another angle is using data in messages that *has* to be random in encrypted traffic; see tlstweet).
These are just some thoughts about avoiding severe censorship; I doubt it's actually viable, but maybe there's a direction there.
#cryptography #censorship
Published at 2025-04-13 15:39:16
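The contrast the note draws between xor and a diffusing f can be made concrete. The following is an added example, not code from the original post: the cover vocabulary is constructed, the "censor" is assumed to accept any sentence built from it, and `f_hash` (truncated SHA-256) is one assumed choice of diffusing f. With xor, M5 is forced by M4 and M6; with the hash, pairs can be ground, at roughly 2^n tries for n output bits.

```python
import hashlib
from itertools import product

# Constructed cover vocabulary: any sentence built from it is assumed to pass the censor.
SUBJECTS = ["The weather", "Lunch", "The match", "Traffic",
            "The concert", "My garden", "The bakery", "Our trip"]
VERBS = ["was", "looked", "seemed", "felt"]
ADJECTIVES = ["fine", "great", "quiet", "busy", "lovely", "slow", "okay", "nice"]
TAILS = ["today.", "yesterday.", "this week.", "again.",
         "as usual.", "for once.", "all day.", "this morning."]
COVERS = [" ".join(p).encode() for p in product(SUBJECTS, VERBS, ADJECTIVES, TAILS)]


def printable(data: bytes) -> bool:
    return all(0x20 <= b < 0x7F for b in data)


def xor_forced_partner(m4: bytes, m6: bytes) -> bytes:
    """With f = xor, M5 is fully determined by M4 and M6: nothing is left to grind."""
    return bytes(a ^ b for a, b in zip(m4, m6))


def xor_usable_covers(m6: bytes) -> int:
    """Count covers M4 whose forced partner M5 is at least printable text."""
    return sum(printable(xor_forced_partner(m4, m6))
               for m4 in COVERS if len(m4) >= len(m6))


def f_hash(m4: bytes, m5: bytes, nbytes: int) -> bytes:
    """A diffusing f (assumed for illustration): truncated SHA-256 of both messages."""
    return hashlib.sha256(len(m4).to_bytes(2, "big") + m4 + m5).digest()[:nbytes]


def grind_pair(target: bytes):
    """Search ordered cover pairs until f_hash(M4, M5) equals the target chunk."""
    tries = 0
    for m4 in COVERS:
        for m5 in COVERS:
            tries += 1
            if f_hash(m4, m5, len(target)) == target:
                return m4, m5, tries
    return None


if __name__ == "__main__":
    print("xor covers with printable partner:", xor_usable_covers(b"MEET AT NOON"))
    m4, m5, tries = grind_pair(b"hi")  # 16 bits: about 2**16 tries expected
    print(m4.decode(), "|", m5.decode(), "| tries:", tries)
```

Each extra byte of intended output multiplies the expected search by 256, so a message of any length needs many ground pairs rather than one.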