1994-02-28 - Re: standard for stegonography?

Header Data

From: tcmay@netcom.com (Timothy C. May)
To: jeremy@crl.com (Jeremy Cooper)
Message Hash: 62d65732929a7f97a8629910348db1cf749dd4d0eea682ef85a2b94f8c79422e
Message ID: <199402280131.RAA26338@netcom9.netcom.com>
Reply To: <Pine.3.87.9402271452.A14528-0100000@crl.crl.com>
UTC Datetime: 1994-02-28 01:30:37 UTC
Raw Date: Sun, 27 Feb 94 17:30:37 PST

Raw message

From: tcmay@netcom.com (Timothy C. May)
Date: Sun, 27 Feb 94 17:30:37 PST
To: jeremy@crl.com (Jeremy Cooper)
Subject: Re: standard for stegonography?
In-Reply-To: <Pine.3.87.9402271452.A14528-0100000@crl.crl.com>
Message-ID: <199402280131.RAA26338@netcom9.netcom.com>
MIME-Version: 1.0
Content-Type: text/plain

Jeremy Cooper writes:

> I think the whole idea behind stego is that it is non-standard.  The way 
> in which you setgoize something must be constantly changing, otherwise 
> the point of stego (hiding information inside other information) would be 
> contradicted.  If there was a standard for hiding something, you would 
> always know where to look.

Not necessarily. Recall that one of the main stegonagraphic approaches
is to place signal bits in the "noise" bits of digitized audio
samples, digitized camera images, etc. Provided the bits "look like"
noise bits (lots of interesting issues here, which we've discussed
many times on this list), then the placement can be 'standardized" so
long as the key (of whatever type) is kept secret.

I agree that changing the placement/format of stego signals adds to
the security by a slight amount, via the usual "security through
obscurity," but the the type of stego we believe is quite feasible
with modern DATs, CDs, GIF images, etc., allows the signal bits to be
"hidden in plain sight."

I'm sure this is the "standard" being talked about. (BTW, I agree that
including trivially-readable messages like "***Begin Stego Block
Now*** is a dumb idea....with reasonable standards for block size,
e.g., the signal bits are the LSBs of the largest sub-block that's an
even power of 1, no such headers are needed.)

--Tim May

Timothy C. May         | Crypto Anarchy: encryption, digital money,  
tcmay@netcom.com       | anonymous networks, digital pseudonyms, zero
408-688-5409           | knowledge, reputations, information markets, 
W.A.S.T.E.: Aptos, CA  | black markets, collapse of governments.
Higher Power: 2^859433 | Public Key: PGP and MailSafe available.
"National borders are just speed bumps on the information superhighway."