From: Jeremiah A Blatz <jer+@andrew.cmu.edu>
Date: Mon, 21 Oct 1996 01:53:41 -0700 (PDT)
To: cypherpunks@toad.com
Subject: Re: Stego via TCP/IP (was Re: crypto wish list)
In-Reply-To: <199610210018.RAA20993@dfw-ix5.ix.netcom.com>
Message-ID: <0mOnaO200YUe1ZflM0@andrew.cmu.edu>
MIME-Version: 1.0
Content-Type: text/plain


Bill Stewart <stewarts@ix.netcom.com> writes:
> I've been wondering about _un_sophisticated stego,
> for cases where you're trying to slip below the radar
> of simple bots or dumber eavesdropping thugs.  For instance,
> you could send that DOS executable .exe or animated GIF
> which really _does_ expand into the cover-traffic file or 
> generate the annoying flaming background for your web page,
> but which also drags along a bunch of stegobits that
> the executable thinks are just data it's ignoring or the
> GIF thinks is past the last frame.

Actually, animated gifs provide an excellent carrier for regular
stego. Just create your gif with 32 or so colors, then use the rest of
the bits for close matches. You could, say, use the standard
intersection of the Mac/Windoze pallettes. With something like this,
you get like 3 bits per pixel (if you do the color map right), which
could be enormous with a big animated gif.

Liking lossless animation standards,
Jer

"standing on top of the world/ never knew how you never could/ never knew
 why you never could live/ innocent life that everyone did" -Wormhole