From: "Mark M." <markm@voicenet.com>
Date: Fri, 19 Jul 1996 07:18:28 +0800
To: cypherpunks@toad.com
Subject: Steganography
Message-ID: <Pine.LNX.3.94.960718144957.370B-100000@gak>
MIME-Version: 1.0
Content-Type: text/plain


-----BEGIN PGP SIGNED MESSAGE-----

There has been some discussion on steganography in the past few days.  I've
been thinking about the subject so here is a list of my random thoughts:

1. Steganography "standard": Current steganography software relies almost
totally on security through obscurity.  The problem with such an approach is
that there is no standard way to extract data from .gif or .jpg files.  If
two people want to communicate using stego, they have to have some secure
channel through which they could negotiate a protocol that could extract
information from data files.  This brings up the same Catch-22 situation that
exists with conventional cryptography.

My idea is that there should be some common, well-known way to de-stego data
files.  This really doesn't weaken the security of any stego software because
if strong crypto that doesn't append any headers on to the message is used in
conjunction with stego software, then the output of a stego program would just
appear to be random garbage.  There would be no way for the feds to prove that
the random data was encrypted.  I don't know much about graphic and sound file
formats, but I think that in most cases the least-significant bit of a graphics
or sound file should be pretty random anyway.

2. Recognizing stegoed data: Another problem with stegonography is that while
many programs use some kind of identifying header so the recipient can tell
whether the file contains hidden information or not, this also allows a snooper
to determine the same thing.  I think that the ability for the recipient to
identify whether the data is stegoed or not is important.  So I came up with
the idea of using a MAC keyed with the session key used to encrypt the hidden
data for checking if the picture contains stegoed data.  With this approach,
an attacker would not be able to verify if a file contained hidden data or not
since the session key would be encrypted with the recipient's public key.

3. Message pools: With steganography more widespread, the use of message pools
becomes a lot more interesting.  People could communicate anonymously using one
of the alt.binaries.* groups with everyone else reading the group completely
oblivious to this fact.  The posts would be pictures that would decode
normally, but only the recipient would be able to decrypt the hidden data.
Since the binaries newsgroups are among the most popular on the Usenet, reading
one of the binaries newsgroups would draw less suspicion then reading
alt.anonymous.messages.  I don't know how reliable some of the binaries groups
are since many NNTP servers don't carry them or expire the articles early, but
since cross-posting seems to be fairly common on those newsgroups anyway, a
cross-posted file with stegoed data would have a good chance of reaching the
recipient.

- -- Mark

PGP encrypted mail prefered
Key fingerprint = d61734f2800486ae6f79bfeb70f95348
http://www.voicenet.com/~markm/  


-----BEGIN PGP SIGNATURE-----
Version: 2.6.3
Charset: noconv

iQCVAwUBMe6OdLZc+sv5siulAQHMOAP/Yv6SLWY/CCXzXj/91q0hh2M3oVjMr7a6
RBEKCaExosbjJojoTlM9epyzO/gC4jrAj+3IIeciPLHyJPgF2CJmW3NU4bRHPls5
d2kEUPCIc/mLVcbieEC4OO7QlYeFY0vIBn+y1CO3V0kLN20N6Y3845p4a7BY6Wa+
u7dE12QbZLc=
=8xQ7
-----END PGP SIGNATURE-----