1993-06-24 - Re: Weak steganography

Header Data

From: J. Michael Diehl <mdiehl@triton.unm.edu>
To: nobody@soda.berkeley.edu
Message Hash: 521c22c877781d84e4e743d8be04c266dfd8f13e5b09fa4f4a58ebdd7f3421cd
Message ID: <9306240658.AA15654@triton.unm.edu>
Reply To: <9306171745.AA05015@soda.berkeley.edu>
UTC Datetime: 1993-06-24 06:58:28 UTC
Raw Date: Wed, 23 Jun 93 23:58:28 PDT

Raw message

From: J. Michael Diehl <mdiehl@triton.unm.edu>
Date: Wed, 23 Jun 93 23:58:28 PDT
To: nobody@soda.berkeley.edu
Subject: Re: Weak steganography
In-Reply-To: <9306171745.AA05015@soda.berkeley.edu>
Message-ID: <9306240658.AA15654@triton.unm.edu>
MIME-Version: 1.0
Content-Type: text/plain


According to nobody@soda.berkeley.edu:
> There are a couple of problems with the idea of sticking encrypted
> files onto the end of executable files.  The first is, to make this
> easy, you need a program to do it (and to "undo" it).  Well, if someone
> steals your computer and gets access to these files, they will probably
> also get access to this program.  This will tip them off to what you have
> done.

The technique I advocated was so simple, I could code it on my lunch hour at 
work.  I did.  If you didn't want to have such a thing on your machine, you 
could store it remotely, either on an ftp site or a local bbs.  Clean up 
your hard disk and there is no sign of anything.

> This is an example of the general principle that you need to assume that
> your attackers know or can discover the methods you are using, but they
> don't know the keys.

If steganography is to work, we must find ways to make this "principle" invalid.
Strong encryption will protect our "plain-sight-text."  It falls to Data-hiding
to protect our cyphertext.

> Another problem is that encrypted files look different from executable
> files.  Encrypted files have a uniform histogram (that is, all 256 different
> possible byte values are equally frequent), but exe files do not.  The
> appending of an encrypted file to an executable file will be very obvious.
> The exact boundary may not be immediately apparent, but it can probably
> be narrowed down to ten or twenty words without much effort at all.  In
> any case, exe files which have had this treatment will stick out like a
> sore thumb.

I was going to suggest, but Phil beat me to it, that we compress our executables

> Last, XOR'ing a PGP file with a repeated string is probably not a very
> good method.  PGP has a header at the front whose structure is known and
> which has some fixed bytes.  These can be used to immediately recover some

Well, we could do a lot of things here.  We could have the option of xor'ing,
adding, or subtracting....  We could add random bytes to the cyphertext, at 
offsets we specify and memorize....  I still think this could be done, and that
it would work.  If anyone else shares my enthusiasm, I'll try to get it coded up

+-----------------------+-----------------------------+---------+
| J. Michael Diehl ;-)  | I thought I was wrong once. | PGP KEY |
| mdiehl@triton.unm.edu |   But, I was mistaken.      |available|
| mike.diehl@fido.org   |                             | Ask Me! |
| (505) 299-2282        +-----------------------------+---------+
|                                                               |
+------"I'm just looking for the opportunity to be -------------+
|            Politically Incorrect!"   <Me>                     |
+-----If codes are outlawed, only criminals will have codes.----+
+----Is Big Brother in your phone?  If you don't know, ask me---+
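
Added example, not part of the original message or of any code its author wrote: a sliding-window byte-entropy check of the kind the quoted histogram argument describes, showing how a run of near-uniform bytes appended to a file with skewed byte frequencies can be located. The sample "executable" and "ciphertext" are constructed stand-ins, and the function names, window size and threshold are assumptions chosen for illustration.

```python
import hashlib
import math
import random
from collections import Counter

def entropy(chunk: bytes) -> float:
    """Shannon entropy of a non-empty byte string, in bits per byte (0.0 to 8.0)."""
    n = len(chunk)
    return -sum(c / n * math.log2(c / n) for c in Counter(chunk).values())

def find_high_entropy_tail(data: bytes, window: int = 1024, threshold: float = 7.5):
    """Return the offset where a run of high-entropy windows that lasts to the
    end of the data begins, or None if the data does not end in such a run."""
    start = None
    for off in range(0, len(data) - window + 1, window):
        if entropy(data[off:off + window]) >= threshold:
            if start is None:
                start = off          # first window of a candidate run
        else:
            start = None             # run broken by a low-entropy window
    return start

def sample_host(size: int, seed: int = 1) -> bytes:
    """Constructed stand-in for an executable: a few byte values dominate."""
    rng = random.Random(seed)
    common = [0x00, 0xFF, 0x8B, 0x89, 0xE8, 0x74, 0x75, 0x90]
    return bytes(rng.choice(common) if rng.random() < 0.7 else rng.randrange(256)
                 for _ in range(size))

def sample_ciphertext(size: int) -> bytes:
    """Constructed stand-in for ciphertext: SHA-256 output in counter mode."""
    blocks = (hashlib.sha256(i.to_bytes(4, "big")).digest()
              for i in range(size // 32 + 1))
    return b"".join(blocks)[:size]

if __name__ == "__main__":
    host = sample_host(8192)
    combined = host + sample_ciphertext(4096)
    print("host entropy      :", round(entropy(host), 2))
    print("appended entropy  :", round(entropy(combined[8192:]), 2))
    print("clean host tail   :", find_high_entropy_tail(host))
    print("combined file tail:", find_high_entropy_tail(combined))
```

The boundary is only resolved to one window. A compressed or packed host file also scores near 8 bits per byte, so the threshold alone does not separate it from appended ciphertext.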



