Security News > 2021 > June > Intentional Flaw in GPRS Encryption Algorithm GEA-1
Remember just because you can see the crypto algorithm on paper and verify it's being used does not mean the algorithm or it's implementation is not "Backdoored" in some way.
"Signature algorithms like ElGamal and DSA have parameters which must be set with random information. He shows how one can make use of these parameters to send a message subliminally. Because the algorithm's signature creation procedure is unchanged, the signature remains verifiable and indistinguishable from a normal signature. Therefore, it is hard to detect if the subliminal channel is used."
Any plaintext message with "Structure" that contains "Random elements" that can be set by the sender can be used to implement "Subliminal channels" to covertly send information in "Plain sight".
Information theory clearly states early on that the information content of a message is based on the potential entropy in the message Claude Shannon made that publically clear back in the 1940's.
Whilst the meta-data can be in-band or out-of-band to minimise errors and maximise the actual information carrying capacity some structure has to be in-band, as a consequence of the laws of nature.
It's important to understand because ultimately you arrive at a proof that as long as you can communicate information, you can put covert information in the information being sent.