There are three problems with this I can see straight off the bat:
- The noise itself may be interpreted as incriminating. If someone wants to make trouble for you, they can, based on the noise. Yes, you have plausible deniability, but this costs time and money.
- Fuzzing signals is tricky. If someone's snooping for unspecified suspicious behavior, noise may cloud things. If they're looking for specific data to tie you to people, places, times, events, etc., there are very powerful tools to cut through the things you're not interested to just the stuff that's relevant. Methods of masking printer identification marks suffer a similar problem.
- Even if you're generating pure random white noise, under a regime compelling decryption on request, you've now got to make the case that noise is in fact noise, and not very securely encrypted data. Again at a cost of time/money in the face of someone who wants to make trouble for you.
- The noise itself may be interpreted as incriminating. If someone wants to make trouble for you, they can, based on the noise. Yes, you have plausible deniability, but this costs time and money.
- Fuzzing signals is tricky. If someone's snooping for unspecified suspicious behavior, noise may cloud things. If they're looking for specific data to tie you to people, places, times, events, etc., there are very powerful tools to cut through the things you're not interested to just the stuff that's relevant. Methods of masking printer identification marks suffer a similar problem.
- Even if you're generating pure random white noise, under a regime compelling decryption on request, you've now got to make the case that noise is in fact noise, and not very securely encrypted data. Again at a cost of time/money in the face of someone who wants to make trouble for you.
reply