mnutt
Torrent still detectable
Due to a key being used to identify a torrent inside an image, it will be extremely easy for the torrent to be discovered. What I mean is, if you can easily identify the image is a torrent, then way disguise the torrent in the first place? I think you have the right idea by hiding a torrent in an image, but why make an easily discoverable key?
I can't say that I have the answer, but ideas such as hiding the torrent AND a checksum in the file would be one way to validate the image is a torrent. Obviously not perfect, but one way to make it harder for someone to "prove" that an image contained a torrent file.
I don't even know if it is possible to create an image containing both the torrent AND some sort of validation as well. As with any "true" encryption, the "key" must be separate from the data.
Hash has an advantage of being harder to compute. Thus it is not cost-effective for 3rdparty (ISP, for example) to check each and every image that goes through for being a hidden torrent. Although adding a support for hash-less and signature-less image<->torrent decoding/encoding should be trivial, and won't break the compatibility (signature-oriented decoders just won't accept such images, you won't end up with corrupt torrent or something).
