From: jim@bilbo.suite.com (Jim Miller)
To: cypherpunks@toad.com
Message Hash: 9ccdc94a6f98d9aac28777305b837ec4afd71a35c6afddf1428bb772eabaefc4
Message ID: <9603052110.AA00640@bilbo.suite.com>
Reply To: N/A
UTC Datetime: 1996-03-07 17:48:47 UTC
Raw Date: Fri, 8 Mar 1996 01:48:47 +0800
From: jim@bilbo.suite.com (Jim Miller)
Date: Fri, 8 Mar 1996 01:48:47 +0800
To: cypherpunks@toad.com
Subject: Re: art-stego
Message-ID: <9603052110.AA00640@bilbo.suite.com>
MIME-Version: 1.0
Content-Type: text/plain
Jonathan Rochkind wrote:
> So a good steganography algorithm (which I understand
> exists) merely changes the values of the noise so that it
> now encodes your (random) message. So there's no way to
> look for "suspicious
bit patterns"
>
You are assuming that the noise bits have the same statistical properties
as cyphertext. I would be very surprised if this were the case. It takes
special effort to achieve good random bit streams. Image scanners may do
this by accident, but then again, maybe they don't. This uncertainty is,
in my opinion, the fatal flaw in image-based steganography. The same
reasoning applies to audio-based steganography. Unless the devices were
specially designed to insert cryptagraphically useful bits in the output
(or, as Tim May suggested, good garbage bits are inserted later), then you
should not rely on the pictures or audio files to keep your messages
hidden.
As an alternative to trying to hide bits, I proposed not hiding them at
all, but instead creating an innocent reason for passing around files that
contain, in some way or another, obvious random bit streams. The first
idea that came to mind was to use the random bit streams to create pretty
fractal pictures. I soon realized that any function that produces pretty
pictures would do the trick as long as there was a way to recover the
random bit stream given only the picture and the function. Perhaps it
would be possible to use random bit streams to generate cool BioMorphs
(ala "The Blind Watchmaker").
If enough people start passing around pictures generated from meaningless
random bit streams, then other people could use this traffic to covertly
exchange pictures generated from meaningful random bit streams.
> if they can manage to get a cleartext message out of it,
> plausible deniability is unlikely to get you far.
>
You could always claim you didn't know it was there, that you just
downloaded the picture out of curiosity. It might help, depending on what
country you live in.
Tim May wrote:
> Just bear in mind that this form of steganography is
> getting further away from conventional hiding, and
> into "pure plausible deniability." In fact, one need
> not even make a serious attempt to hide the encrypted
> bits: just call the encrypted file "art" and be done with
> it!
>
Come to think of it, if the picture files were larger than the random bit
streams, people very well might send just the random bit streams.
"Hey Bob, take a look at the picture this creates when you feed it to the
XYZ function (coefficient values A, B, and C)."
Jim_Miller@suite.com
P.S. In case anyone is wondering, the reason there is a large delay
between a post from me and a reply from me is that I'm not actually on the
mailing list. I read the messages by pointing my news reading at
nntp.hks.net
Return to March 1996
Return to ““Mark M.” <markm@voicenet.com>”