1994-02-28 - Re: standard for stegonography?

Header Data

From: Sergey Goldgaber <sergey@delbruck.pharm.sunysb.edu>
To: Matthew Gream <mgream@acacia.itd.uts.edu.au>
Message Hash: e57906d6dc87c24eb4eeee7c94c5c484c8666243b41ba12698e3c8ffcd56dba8
Message ID: <Pine.3.89.9402281853.A11533-0100000@delbruck.pharm.sunysb.edu>
Reply To: <9402282245.AA27627@acacia.itd.uts.EDU.AU>
UTC Datetime: 1994-02-28 23:32:45 UTC
Raw Date: Mon, 28 Feb 94 15:32:45 PST

Raw message

From: Sergey Goldgaber <sergey@delbruck.pharm.sunysb.edu>
Date: Mon, 28 Feb 94 15:32:45 PST
To: Matthew Gream <mgream@acacia.itd.uts.edu.au>
Subject: Re: standard for stegonography?
In-Reply-To: <9402282245.AA27627@acacia.itd.uts.EDU.AU>
Message-ID: <Pine.3.89.9402281853.A11533-0100000@delbruck.pharm.sunysb.edu>
MIME-Version: 1.0
Content-Type: text/plain

On Tue, 1 Mar 1994, Matthew Gream wrote:

> Earlier, Sergey Goldgaber wrote:
> > Didn't you mention something along the lines of hiding "---BEGIN PGP" headers
> > by using one-time pad encryption?  Or did I wildly misinterpret you?
> No. I said that, and I was referring to the case where you have a particular
> stegonographic technique such as pixel modulation, it could be an idea to
> place an encrypted header using something like IDEA in CFB that not only
> encrypts a signature but an identifier so as to know which program actually
You were originally referring to PGP in particular, were you not?

> did the stego, and hence be able to demodulate with that particular 
> technique. Therefore if you had seperate programs, each could interoperate.

Yes, I understand that your proposal is compatible with a variety of other 
schemes.  However, as you note below, this provides very limited security, 
unless the key is _non_standardized.

> Even though the essense of stego is to not know a message is hidden in a
> particular medium, whenever specific software comes out to do certain stego
> (jpegs etc), I can see NSA spooks adding it onto their short list of s/ware
> to run across any pictures they get. Stego becomes sort of pseudo-Stego and
> loses a certain amount of gain it once had (of course, if all you do is
> Stego an encrypted file without any structure, it'll be safe).

"Pseudo-Stego" can be relatively secure as long as a large number of 
different hiding schemes/standards are used by the public.  An effective 
means of ensuring this would be to use the reciever's public-key 
checksum-value as the standard offset for stego.  The large number of 
public-keys available make it rather infeasable for one's opponents to try 
them all.  This, I believe, provides pretty adequate security (assuming one 
strips any telltale headers off the hidden file beforehand).

> My 5c.
> Matthew.
> -- 
> Matthew Gream. ph: (02)-821-2043. M.Gream@uts.edu.au.
> PGPMail and brown paperbags accepted. - Non Servatum -
>   ''weirdo's make the world go around'' - A.Watts